001: package org.bouncycastle.crypto.modes;
002:
003: import org.bouncycastle.crypto.BlockCipher;
004: import org.bouncycastle.crypto.CipherParameters;
005: import org.bouncycastle.crypto.DataLengthException;
006:
007: /**
008: * Implements OpenPGP's rather strange version of Cipher-FeedBack (CFB) mode
009: * on top of a simple cipher. This class assumes the IV has been prepended
010: * to the data stream already, and just accomodates the reset after
011: * (blockSize + 2) bytes have been read.
012: * <p>
013: * For further info see <a href="http://www.ietf.org/rfc/rfc2440.html">RFC 2440</a>.
014: */
015: public class OpenPGPCFBBlockCipher implements BlockCipher {
016: private byte[] IV;
017: private byte[] FR;
018: private byte[] FRE;
019: private byte[] tmp;
020:
021: private BlockCipher cipher;
022:
023: private int count;
024: private int blockSize;
025: private boolean forEncryption;
026:
027: /**
028: * Basic constructor.
029: *
030: * @param cipher the block cipher to be used as the basis of the
031: * feedback mode.
032: */
033: public OpenPGPCFBBlockCipher(BlockCipher cipher) {
034: this .cipher = cipher;
035:
036: this .blockSize = cipher.getBlockSize();
037: this .IV = new byte[blockSize];
038: this .FR = new byte[blockSize];
039: this .FRE = new byte[blockSize];
040: this .tmp = new byte[blockSize];
041: }
042:
043: /**
044: * return the underlying block cipher that we are wrapping.
045: *
046: * @return the underlying block cipher that we are wrapping.
047: */
048: public BlockCipher getUnderlyingCipher() {
049: return cipher;
050: }
051:
052: /**
053: * return the algorithm name and mode.
054: *
055: * @return the name of the underlying algorithm followed by "/PGPCFB"
056: * and the block size in bits.
057: */
058: public String getAlgorithmName() {
059: return cipher.getAlgorithmName() + "/OpenPGPCFB";
060: }
061:
062: /**
063: * return the block size we are operating at.
064: *
065: * @return the block size we are operating at (in bytes).
066: */
067: public int getBlockSize() {
068: return cipher.getBlockSize();
069: }
070:
071: /**
072: * Process one block of input from the array in and write it to
073: * the out array.
074: *
075: * @param in the array containing the input data.
076: * @param inOff offset into the in array the data starts at.
077: * @param out the array the output data will be copied into.
078: * @param outOff the offset into the out array the output will start at.
079: * @exception DataLengthException if there isn't enough data in in, or
080: * space in out.
081: * @exception IllegalStateException if the cipher isn't initialised.
082: * @return the number of bytes processed and produced.
083: */
084: public int processBlock(byte[] in, int inOff, byte[] out, int outOff)
085: throws DataLengthException, IllegalStateException {
086: return (forEncryption) ? encryptBlock(in, inOff, out, outOff)
087: : decryptBlock(in, inOff, out, outOff);
088: }
089:
090: /**
091: * reset the chaining vector back to the IV and reset the underlying
092: * cipher.
093: */
094: public void reset() {
095: count = 0;
096:
097: System.arraycopy(IV, 0, FR, 0, FR.length);
098:
099: cipher.reset();
100: }
101:
102: /**
103: * Initialise the cipher and, possibly, the initialisation vector (IV).
104: * If an IV isn't passed as part of the parameter, the IV will be all zeros.
105: * An IV which is too short is handled in FIPS compliant fashion.
106: *
107: * @param forEncryption if true the cipher is initialised for
108: * encryption, if false for decryption.
109: * @param params the key and other data required by the cipher.
110: * @exception IllegalArgumentException if the params argument is
111: * inappropriate.
112: */
113: public void init(boolean forEncryption, CipherParameters params)
114: throws IllegalArgumentException {
115: this .forEncryption = forEncryption;
116:
117: reset();
118:
119: cipher.init(true, params);
120: }
121:
122: /**
123: * Encrypt one byte of data according to CFB mode.
124: * @param data the byte to encrypt
125: * @param blockOff offset in the current block
126: * @return the encrypted byte
127: */
128: private byte encryptByte(byte data, int blockOff) {
129: return (byte) (FRE[blockOff] ^ data);
130: }
131:
132: /**
133: * Do the appropriate processing for CFB IV mode encryption.
134: *
135: * @param in the array containing the data to be encrypted.
136: * @param inOff offset into the in array the data starts at.
137: * @param out the array the encrypted data will be copied into.
138: * @param outOff the offset into the out array the output will start at.
139: * @exception DataLengthException if there isn't enough data in in, or
140: * space in out.
141: * @exception IllegalStateException if the cipher isn't initialised.
142: * @return the number of bytes processed and produced.
143: */
144: private int encryptBlock(byte[] in, int inOff, byte[] out,
145: int outOff) throws DataLengthException,
146: IllegalStateException {
147: if ((inOff + blockSize) > in.length) {
148: throw new DataLengthException("input buffer too short");
149: }
150:
151: if ((outOff + blockSize) > out.length) {
152: throw new DataLengthException("output buffer too short");
153: }
154:
155: if (count > blockSize) {
156: FR[blockSize - 2] = out[outOff] = encryptByte(in[inOff],
157: blockSize - 2);
158: FR[blockSize - 1] = out[outOff + 1] = encryptByte(
159: in[inOff + 1], blockSize - 1);
160:
161: cipher.processBlock(FR, 0, FRE, 0);
162:
163: for (int n = 2; n < blockSize; n++) {
164: out[outOff + n] = encryptByte(in[inOff + n], n - 2);
165: }
166:
167: System.arraycopy(out, outOff + 2, FR, 0, blockSize - 2);
168: } else if (count == 0) {
169: cipher.processBlock(FR, 0, FRE, 0);
170:
171: for (int n = 0; n < blockSize; n++) {
172: out[outOff + n] = encryptByte(in[inOff + n], n);
173: }
174:
175: System.arraycopy(out, outOff, FR, 0, blockSize);
176:
177: count += blockSize;
178: } else if (count == blockSize) {
179: cipher.processBlock(FR, 0, FRE, 0);
180:
181: out[outOff] = encryptByte(in[inOff], 0);
182: out[outOff + 1] = encryptByte(in[inOff + 1], 1);
183:
184: //
185: // do reset
186: //
187: System.arraycopy(FR, 2, FR, 0, blockSize - 2);
188: System.arraycopy(out, outOff, FR, blockSize - 2, 2);
189:
190: cipher.processBlock(FR, 0, FRE, 0);
191:
192: for (int n = 2; n < blockSize; n++) {
193: out[outOff + n] = encryptByte(in[inOff + n], n - 2);
194: }
195:
196: System.arraycopy(out, outOff + 2, FR, 0, blockSize - 2);
197:
198: count += blockSize;
199: }
200:
201: return blockSize;
202: }
203:
204: /**
205: * Do the appropriate processing for CFB IV mode decryption.
206: *
207: * @param in the array containing the data to be decrypted.
208: * @param inOff offset into the in array the data starts at.
209: * @param out the array the encrypted data will be copied into.
210: * @param outOff the offset into the out array the output will start at.
211: * @exception DataLengthException if there isn't enough data in in, or
212: * space in out.
213: * @exception IllegalStateException if the cipher isn't initialised.
214: * @return the number of bytes processed and produced.
215: */
216: private int decryptBlock(byte[] in, int inOff, byte[] out,
217: int outOff) throws DataLengthException,
218: IllegalStateException {
219: if ((inOff + blockSize) > in.length) {
220: throw new DataLengthException("input buffer too short");
221: }
222:
223: if ((outOff + blockSize) > out.length) {
224: throw new DataLengthException("output buffer too short");
225: }
226:
227: if (count > blockSize) {
228: // copy in buffer so that this mode works if in and out are the same
229: System.arraycopy(in, inOff, tmp, 0, blockSize);
230:
231: out[outOff] = encryptByte(tmp[0], blockSize - 2);
232: out[outOff + 1] = encryptByte(tmp[1], blockSize - 1);
233:
234: System.arraycopy(tmp, 0, FR, blockSize - 2, 2);
235:
236: cipher.processBlock(FR, 0, FRE, 0);
237:
238: for (int n = 2; n < blockSize; n++) {
239: out[outOff + n] = encryptByte(tmp[n], n - 2);
240: }
241:
242: System.arraycopy(tmp, 2, FR, 0, blockSize - 2);
243: } else if (count == 0) {
244: cipher.processBlock(FR, 0, FRE, 0);
245:
246: for (int n = 0; n < blockSize; n++) {
247: FR[n] = in[inOff + n];
248: out[n] = encryptByte(in[inOff + n], n);
249: }
250:
251: count += blockSize;
252: } else if (count == blockSize) {
253: System.arraycopy(in, inOff, tmp, 0, blockSize);
254:
255: cipher.processBlock(FR, 0, FRE, 0);
256:
257: out[outOff] = encryptByte(tmp[0], 0);
258: out[outOff + 1] = encryptByte(tmp[1], 1);
259:
260: System.arraycopy(FR, 2, FR, 0, blockSize - 2);
261:
262: FR[blockSize - 2] = tmp[0];
263: FR[blockSize - 1] = tmp[1];
264:
265: cipher.processBlock(FR, 0, FRE, 0);
266:
267: for (int n = 2; n < blockSize; n++) {
268: FR[n - 2] = in[inOff + n];
269: out[outOff + n] = encryptByte(in[inOff + n], n - 2);
270: }
271:
272: count += blockSize;
273: }
274:
275: return blockSize;
276: }
277: }
|