/* |
|
* Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. |
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
|
* |
|
* This code is free software; you can redistribute it and/or modify it |
|
* under the terms of the GNU General Public License version 2 only, as |
|
* published by the Free Software Foundation. Oracle designates this |
|
* particular file as subject to the "Classpath" exception as provided |
|
* by Oracle in the LICENSE file that accompanied this code. |
|
* |
|
* This code is distributed in the hope that it will be useful, but WITHOUT |
|
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
* version 2 for more details (a copy is included in the LICENSE file that |
|
* accompanied this code). |
|
* |
|
* You should have received a copy of the GNU General Public License version |
|
* 2 along with this work; if not, write to the Free Software Foundation, |
|
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
* |
|
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
|
* or visit www.oracle.com if you need additional information or have any |
|
* questions. |
|
*/ |
|
package com.sun.crypto.provider; |
|
import java.security.InvalidKeyException; |
|
/** |
|
* This class implements the Triple DES algorithm (DES encryption, followed by |
|
* DES decryption, followed by DES encryption) on a byte array of size |
|
* <code>DES_BLOCK_SIZE</code>. Each DES operation has its own key. |
|
* |
|
* @author Gigi Ankeny |
|
* @author Jan Luehe |
|
* |
|
* |
|
* @see DESConstants |
|
* @see DESCipher |
|
*/ |
|
final class DESedeCrypt extends DESCrypt implements DESConstants { |
|
/* |
|
* the expanded key used in encrypt/decrypt/encrypt phase |
|
*/ |
|
private byte[] key1 = null; |
|
private byte[] key2 = null; |
|
private byte[] key3 = null; |
|
private byte[] buf1, buf2; |
|
/* |
|
* constructor |
|
*/ |
|
DESedeCrypt() { |
|
buf1 = new byte[DES_BLOCK_SIZE]; |
|
buf2 = new byte[DES_BLOCK_SIZE]; |
|
} |
|
void init(boolean decrypting, String algorithm, byte[] keys) |
|
throws InvalidKeyException { |
|
if (!algorithm.equalsIgnoreCase("DESede") |
|
&& !algorithm.equalsIgnoreCase("TripleDES")) { |
|
throw new InvalidKeyException |
|
("Wrong algorithm: DESede or TripleDES required"); |
|
} |
|
if (keys.length != DES_BLOCK_SIZE * 3) { |
|
throw new InvalidKeyException("Wrong key size"); |
|
} |
|
byte[] keybuf = new byte[DES_BLOCK_SIZE]; |
|
// retrieve the first key |
|
key1 = new byte[128]; |
|
System.arraycopy(keys, 0, keybuf, 0, DES_BLOCK_SIZE); |
|
expandKey(keybuf); |
|
System.arraycopy(expandedKey, 0, key1, 0, 128); |
|
// check if the third key is the same |
|
if (keyEquals(keybuf, 0, keys, DES_BLOCK_SIZE*2, DES_BLOCK_SIZE)) { |
|
key3 = key1; |
|
} else { |
|
key3 = new byte[128]; |
|
System.arraycopy(keys, DES_BLOCK_SIZE*2, keybuf, 0, |
|
DES_BLOCK_SIZE); |
|
expandKey(keybuf); |
|
System.arraycopy(expandedKey, 0, key3, 0, 128); |
|
} |
|
// retrieve the second key |
|
key2 = new byte[128]; |
|
System.arraycopy(keys, DES_BLOCK_SIZE, keybuf, 0, DES_BLOCK_SIZE); |
|
expandKey(keybuf); |
|
System.arraycopy(expandedKey, 0, key2, 0, 128); |
|
} |
|
/** |
|
* Performs encryption operation. |
|
* |
|
* <p>The input plain text <code>plain</code>, starting at |
|
* <code>plainOffset</code> and ending at |
|
* <code>(plainOffset + blockSize - 1)</code>, is encrypted. |
|
* The result is stored in <code>cipher</code>, starting at |
|
* <code>cipherOffset</code>. |
|
* |
|
* @param plain the buffer with the input data to be encrypted |
|
* @param plainOffset the offset in <code>plain</code> |
|
* @param cipher the buffer for the result |
|
* @param cipherOffset the offset in <code>cipher</code> |
|
*/ |
|
void encryptBlock(byte[] plain, int plainOffset, |
|
byte[] cipher, int cipherOffset) |
|
{ |
|
expandedKey = key1; |
|
decrypting = false; |
|
cipherBlock(plain, plainOffset, buf1, 0); |
|
expandedKey = key2; |
|
decrypting = true; |
|
cipherBlock(buf1, 0, buf2, 0); |
|
expandedKey = key3; |
|
decrypting = false; |
|
cipherBlock(buf2, 0, cipher, cipherOffset); |
|
} |
|
/** |
|
* Performs decryption operation. |
|
* |
|
* <p>The input cipher text <code>cipher</code>, starting at |
|
* <code>cipherOffset</code> and ending at |
|
* <code>(cipherOffset + blockSize - 1)</code>, is decrypted. |
|
* The result is stored in <code>plain</code>, starting at |
|
* <code>plainOffset</code>. |
|
* |
|
* @param cipher the buffer with the input data to be decrypted |
|
* @param cipherOffset the offset in <code>cipherOffset</code> |
|
* @param plain the buffer for the result |
|
* @param plainOffset the offset in <code>plain</code> |
|
*/ |
|
void decryptBlock(byte[] cipher, int cipherOffset, |
|
byte[] plain, int plainOffset) |
|
{ |
|
expandedKey = key3; |
|
decrypting = true; |
|
cipherBlock(cipher, cipherOffset, buf1, 0); |
|
expandedKey = key2; |
|
decrypting = false; |
|
cipherBlock(buf1, 0, buf2, 0); |
|
expandedKey = key1; |
|
decrypting = true; |
|
cipherBlock(buf2, 0, plain, plainOffset); |
|
} |
|
private boolean keyEquals(byte[] key1, int off1, |
|
byte[] key2, int off2, int len) { |
|
for (int i=0; i<len; i++) { |
|
if (key1[i+off1] != key2[i+off2]) |
|
return false; |
|
} |
|
return true; |
|
} |
|
} |