Frames | No Frames |
1: /* DESKeySpec -- Keys for DES. 2: Copyright (C) 2004 Free Software Foundation, Inc. 3: 4: This file is part of GNU Classpath. 5: 6: GNU Classpath is free software; you can redistribute it and/or modify 7: it under the terms of the GNU General Public License as published by 8: the Free Software Foundation; either version 2, or (at your option) 9: any later version. 10: 11: GNU Classpath is distributed in the hope that it will be useful, but 12: WITHOUT ANY WARRANTY; without even the implied warranty of 13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14: General Public License for more details. 15: 16: You should have received a copy of the GNU General Public License 17: along with GNU Classpath; see the file COPYING. If not, write to the 18: Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 19: 02110-1301 USA. 20: 21: Linking this library statically or dynamically with other modules is 22: making a combined work based on this library. Thus, the terms and 23: conditions of the GNU General Public License cover the whole 24: combination. 25: 26: As a special exception, the copyright holders of this library give you 27: permission to link this library with independent modules to produce an 28: executable, regardless of the license terms of these independent 29: modules, and to copy and distribute the resulting executable under 30: terms of your choice, provided that you also meet, for each linked 31: independent module, the terms and conditions of the license of that 32: module. An independent module is a module which is not derived from 33: or based on this library. If you modify this library, you may extend 34: this exception to your version of the library, but you are not 35: obligated to do so. If you do not wish to do so, delete this 36: exception statement from your version. */ 37: 38: 39: package javax.crypto.spec; 40: 41: import java.security.InvalidKeyException; 42: import java.security.spec.KeySpec; 43: 44: /** 45: * This class is a transparent wrapper for DES keys, which are arrays 46: * of 8 bytes. 47: * 48: * @author Casey Marshall (csm@gnu.org) 49: * @since 1.4 50: */ 51: public class DESKeySpec implements KeySpec 52: { 53: 54: // Constants. 55: // ------------------------------------------------------------------------ 56: 57: /** 58: * The length of a DES key, in bytes. 59: */ 60: public static final int DES_KEY_LEN = 8; 61: 62: /** 63: * The key bytes. 64: */ 65: private byte[] key; 66: 67: // Constructors. 68: // ------------------------------------------------------------------------ 69: 70: /** 71: * Create a new DES key spec, copying the first 8 bytes from the 72: * byte array. 73: * 74: * @param key The key bytes. 75: * @throws java.security.InvalidKeyException If there are less than 8 76: * bytes in the array. 77: */ 78: public DESKeySpec(byte[] key) throws InvalidKeyException 79: { 80: this(key, 0); 81: } 82: 83: /** 84: * Create a new DES key spec, starting at <code>offset</code> in 85: * the byte array. The first 8 bytes starting at <code>offset</code> 86: * are copied. 87: * 88: * @param key The key bytes. 89: * @param offset The offset into the byte array at which to begin. 90: * @throws java.security.InvalidKeyException If there are less than 8 91: * bytes starting at <code>offset</code>. 92: */ 93: public DESKeySpec(byte[] key, int offset) throws InvalidKeyException 94: { 95: if (key.length - offset < DES_KEY_LEN) 96: { 97: throw new InvalidKeyException("DES keys must be 8 bytes long"); 98: } 99: this.key = new byte[DES_KEY_LEN]; 100: System.arraycopy(key, offset, this.key, 0, DES_KEY_LEN); 101: } 102: 103: // Class methods. 104: // ------------------------------------------------------------------------ 105: 106: /** 107: * Returns whether or not the given key is <i>parity adjusted</i>; 108: * i.e. every byte in the key has an odd number of "1" bits. 109: * 110: * @param key The key bytes, considered between <code>[offset, 111: * offset+7]</code> 112: * @param offset The offset into the byte array at which to begin. 113: * @return True if all bytes have an odd number of "1" bits. 114: * @throws java.security.InvalidKeyException If there are not enough 115: * bytes in the array. 116: */ 117: public static boolean isParityAdjusted(byte[] key, int offset) 118: throws InvalidKeyException 119: { 120: if (key.length - offset < DES_KEY_LEN) 121: { 122: throw new InvalidKeyException("DES keys must be 8 bytes long"); 123: } 124: boolean parity = false; 125: boolean oddbits = false; 126: for (int i = 0; i < DES_KEY_LEN; i++) 127: { 128: oddbits = false; 129: for (int j = 0; j < 8; j++) 130: { 131: oddbits ^= (key[i+offset] & 1 << j) != 0; 132: } 133: parity &= oddbits; 134: } 135: return parity; 136: } 137: 138: /** 139: * One-half of the weak and semiweak DES keys (the other half are the 140: * complements of these). 141: */ 142: private static final byte[][] WEAK_KEYS = new byte[][] { 143: { 0, 0, 0, 0, 0, 0, 0, 0 }, // 0000 0000 0000 0000 144: { -1, -1, -1, -1, 0, 0, 0, 0 }, // ffff ffff 0000 0000 145: { 1, 1, 1, 1, 1, 1, 1, 1 }, // 0101 0101 0101 0101 146: { 31, 31, 31, 31, 14, 14, 14, 14 }, // 1f1f 1f1f 0e0e 0e0e 147: { 1, -2, 1, -2, 1, -2, 1, -2 }, // 01fe 01fe 01fe 01fe 148: { 31, -32, 31, -32, -32, 31, -32, 31 }, // 1fe0 1fe0 0e1f 0e1f 149: { 1, -32, 1, -32, 1, -15, 1, -15 }, // 01e0 01e0 01f1 01f1 150: { 31, -2, 31, -2, 14, -2, 14, -2 }, // 1ffe 1ffe 0efe 0efe 151: { 1, 31, 1, 31, 1, 14, 1, 14 }, // 011f 011f 010e 010e 152: { -32, -2, -32, -2, -15, -2, -15, -2 }, // e0fe e0fe f1fe f1fe 153: }; 154: 155: /** 156: * Tests if the bytes between <code>[offset, offset+7]</code> 157: * constitute a weak or semi-weak DES key. 158: * 159: * @param key The key bytes to check. 160: * @param offset The offset in the byte array to start. 161: * @return true If the key bytes are a weak key. 162: */ 163: public static boolean isWeak(byte[] key, int offset) 164: throws InvalidKeyException 165: { 166: if (key.length - offset < DES_KEY_LEN) 167: { 168: throw new InvalidKeyException("DES keys must be 8 bytes long"); 169: } 170: for (int i = 0; i < WEAK_KEYS.length; i++) 171: { 172: if (equalsOrComplementEquals(key, offset, WEAK_KEYS[i])) 173: { 174: return true; 175: } 176: } 177: return false; 178: } 179: 180: /** 181: * This method returns true if the first 8 bytes starting at 182: * <code>off</code> in <code>a</code> equal the first 8 bytes in 183: * <code>b</code>, or equal the <i>complement</i> of the first 8 bytes 184: * in <code>b</code>. 185: * 186: * @param a The first byte array. 187: * @param off The index into the first byte array. 188: * @param b The second byte array. 189: * @return <code>a == b || a == ~b</code> 190: */ 191: private static boolean equalsOrComplementEquals(byte[] a, int off, byte[] b) 192: { 193: boolean result = true; 194: for (int i = 0; i < DES_KEY_LEN; i++) 195: { 196: result &= a[off+i] == b[i]; 197: } 198: if (result) return true; 199: result = true; 200: for (int i = 0; i < DES_KEY_LEN; i++) 201: { 202: result &= a[off+i] == (~b[i]); 203: } 204: return result; 205: } 206: 207: // Instance methods. 208: // ------------------------------------------------------------------------ 209: 210: /** 211: * Return the key as a byte array. This method does not copy the byte 212: * array. 213: * 214: * @return The key bytes. 215: */ 216: public byte[] getKey() 217: { 218: return key; 219: } 220: }