001: /*
002: * @(#)Cipher.java 1.11 02/07/24 @(#)
003: *
004: * Copyright (c) 2000-2001 Sun Microsystems, Inc. All rights reserved.
005: * PROPRIETARY/CONFIDENTIAL
006: * Use is subject to license terms.
007: */
008:
009: package com.sun.portal.kssl;
010:
011: import com.sun.portal.ksecurity.CryptoException;
012: import com.sun.portal.ksecurity.Key;
013:
/**
 * Abstract base for every cipher in this package, modelled after
 * <code>javacardx.crypto.Cipher</code>.
 *
 * <p>The factory {@link #getInstance(byte, boolean)} returns implementations
 * for <code>ALG_RSA_PKCS1</code> (RSA public-key encryption/decryption),
 * <code>ALG_ARCFOUR</code> (a symmetric stream cipher),
 * <code>ALG_DES</code> and <code>ALG_TRIPLEDES</code>.
 *
 * <p>Security review note: every algorithm offered here is a legacy choice.
 * RC4 has known keystream biases and is prohibited in TLS by RFC 7465;
 * single DES has a 56-bit key; Triple DES has a 64-bit block, which limits
 * how much data can safely be encrypted under one key; and RSA with
 * PKCS#1 v1.5 encryption padding requires a decryption path that does not
 * let a peer distinguish padding failures from other errors. Treat this
 * class as an interoperability layer for old peers, and prefer an
 * authenticated cipher and OAEP padding wherever the protocol permits.
 */
abstract class Cipher {
    /**
     * Placeholder identifier for an unrecognised algorithm.
     * {@link #getInstance(byte, boolean)} has no branch for this value, so
     * requesting it fails with <code>NO_SUCH_ALGORITHM</code>.
     */
    public static final byte ALG_UNKNOWN = 1;

    /**
     * Cipher algorithm <code>ALG_RSA_PKCS1</code> provides a cipher using
     * RSA. Input data is padded according to the PKCS#1 (v1.5) scheme.
     */
    public static final byte ALG_RSA_PKCS1 = 2;

    /**
     * Cipher algorithm <code>ALG_ARCFOUR</code> provides a stream cipher
     * using ARCFOUR (RC4).
     */
    public static final byte ALG_ARCFOUR = 3;

    /** Cipher algorithm <code>ALG_DES</code> (added later): single DES. */
    public static final byte ALG_DES = 4;

    /**
     * Cipher algorithm <code>ALG_TRIPLEDES</code> (added later):
     * Triple DES.
     */
    public static final byte ALG_TRIPLEDES = 5;

    /**
     * Marker for a cipher mode that is unknown or has not been set.
     * NOTE(review): how subclasses use this value is not visible in this
     * file -- confirm against the implementations.
     */
    protected static final byte MODE_UNKNOWN = 0;

    /** Passed to <code>init</code> to select encryption. */
    public static final byte MODE_ENCRYPT = 1;

    /** Passed to <code>init</code> to select decryption. */
    public static final byte MODE_DECRYPT = 2;

    /** Only subclasses may construct a cipher; use the factory instead. */
    protected Cipher() {
    }

    /**
     * Creates a cipher object for the selected algorithm.
     *
     * @param alg desired cipher algorithm, one of the <code>ALG_*</code>
     *            constants of this class
     * @param ext ignored; present only for compatibility with the
     *            JavaCard API
     * @return a new Cipher object implementing the requested algorithm
     * @exception CryptoException with <code>NO_SUCH_ALGORITHM</code>
     *            reason code if the requested algorithm is not supported
     *            (this includes <code>ALG_UNKNOWN</code>)
     */
    public static Cipher getInstance(byte alg, boolean ext)
            throws CryptoException {
        if (alg == ALG_RSA_PKCS1) {
            return new Alg2();
        }
        // Original note: the ARCFOUR path is moving to the Sun JCE
        // architecture.
        if (alg == ALG_ARCFOUR) {
            return new RC4();
        }
        // DES and Triple DES were added after the first two algorithms.
        if (alg == ALG_DES) {
            return new DES();
        }
        if (alg == ALG_TRIPLEDES) {
            return new TripleDES();
        }
        // Anything else is rejected rather than mapped to a default cipher.
        throw new CryptoException(CryptoException.NO_SUCH_ALGORITHM);
    }

    /**
     * Gets the cipher algorithm.
     *
     * @return the <code>ALG_*</code> identifier implemented by this
     *         Cipher object
     */
    public abstract byte getAlgorithm();

    /**
     * Initializes this Cipher with a key. Intended for algorithms that
     * need no initialization parameters or that use default parameter
     * values.
     *
     * @param theKey  the key object used for encryption/decryption
     * @param theMode one of <code>MODE_ENCRYPT</code> or
     *                <code>MODE_DECRYPT</code>
     * @exception CryptoException with <code>ILLEGAL_VALUE</code> reason
     *            code if the mode is undefined or inconsistent with the
     *            specified key
     */
    public abstract void init(Key theKey, byte theMode)
            throws CryptoException;

    /**
     * Initializes this Cipher with a key and algorithm-specific
     * parameters.
     * NOTE(review): for the block ciphers the parameter bytes are
     * presumably an initialization vector -- confirm against the DES and
     * TripleDES subclasses, and check that callers never reuse the same
     * parameters with the same key.
     *
     * @param theKey  the key object used for encryption/decryption
     * @param theMode one of <code>MODE_ENCRYPT</code> or
     *                <code>MODE_DECRYPT</code>
     * @param b       byte array containing algorithm-specific
     *                initialization info
     * @param off     offset within <code>b</code> where the
     *                initialization info begins
     * @param len     byte length of the initialization info
     * @exception CryptoException with <code>ILLEGAL_VALUE</code> reason
     *            code if the mode is undefined or inconsistent with the
     *            specified key, or if the initialization parameters are
     *            inconsistent with the chosen cipher
     */
    public abstract void init(Key theKey, byte theMode, byte[] b,
            int off, int len) throws CryptoException;

    /**
     * Generates encrypted/decrypted output from a portion of the input.
     * Using this method requires temporary storage of intermediate
     * results, so it should be used only when the complete input is not
     * available in a single byte array; otherwise prefer
     * <code>doFinal()</code>.
     *
     * @param inBuf  the input buffer containing data to be
     *               encrypted/decrypted
     * @param inOff  offset within <code>inBuf</code> where the input
     *               starts
     * @param inLen  byte length of the input
     * @param outBuf output buffer
     * @param outOff starting offset into <code>outBuf</code> where the
     *               resulting output is to be placed
     * @return number of bytes placed in the output buffer
     * @exception CryptoException with reason code
     *            <code>UNINITIALIZED_KEY</code> if the key is not
     *            initialized, <code>INVALID_INIT</code> if this
     *            <code>Cipher</code> object is not initialized, or
     *            <code>ILLEGAL_USE</code> if the input message length is
     *            not supported
     */
    public abstract int update(byte[] inBuf, int inOff, int inLen,
            byte[] outBuf, int outOff) throws CryptoException;

    /**
     * Generates the encrypted/decrypted output from all of the input, or
     * from its last portion. The call also returns this
     * <code>Cipher</code> object to the state it had after the previous
     * <code>init()</code>, so it can encrypt or decrypt more data.
     * NOTE(review): for a stream cipher such a reset would restart the
     * keystream; confirm that callers do not encrypt two messages under
     * the same key this way.
     *
     * @param inBuf  the input buffer containing data to be
     *               encrypted/decrypted
     * @param inOff  offset within <code>inBuf</code> where the input
     *               starts
     * @param inLen  byte length of the input
     * @param outBuf output buffer
     * @param outOff starting offset into <code>outBuf</code> where the
     *               resulting output is to be placed
     * @return number of bytes placed in the output buffer
     * @exception CryptoException with reason code
     *            <code>UNINITIALIZED_KEY</code> if the key is not
     *            initialized, <code>INVALID_INIT</code> if this
     *            <code>Cipher</code> object is not initialized, or
     *            <code>ILLEGAL_USE</code> if the input message length is
     *            not supported
     */
    public abstract int doFinal(byte[] inBuf, int inOff, int inLen,
            byte[] outBuf, int outOff) throws CryptoException;

}