| /* |
| * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. |
| * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
| * |
| * This code is free software; you can redistribute it and/or modify it |
| * under the terms of the GNU General Public License version 2 only, as |
| * published by the Free Software Foundation. Oracle designates this |
| * particular file as subject to the "Classpath" exception as provided |
| * by Oracle in the LICENSE file that accompanied this code. |
| * |
| * This code is distributed in the hope that it will be useful, but WITHOUT |
| * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
| * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
| * version 2 for more details (a copy is included in the LICENSE file that |
| * accompanied this code). |
| * |
| * You should have received a copy of the GNU General Public License version |
| * 2 along with this work; if not, write to the Free Software Foundation, |
| * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
| * |
| * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
| * or visit www.oracle.com if you need additional information or have any |
| * questions. |
| */ |
| |
| package javax.crypto.spec; |
| |
| import java.security.InvalidKeyException; |
| |
| /** |
| * This class specifies a DES key. |
| * |
| * @author Jan Luehe |
| * |
| * @since 1.4 |
| */ |
| public class DESKeySpec implements java.security.spec.KeySpec { |
| |
| /** |
| * The constant which defines the length of a DES key in bytes. |
| */ |
| public static final int DES_KEY_LEN = 8; |
| |
| private byte[] key; |
| |
| /* |
| * Weak/semi-weak keys copied from FIPS 74. |
| * |
| * "...The first 6 keys have duals different than themselves, hence |
| * each is both a key and a dual giving 12 keys with duals. The last |
| * four keys equal their duals, and are called self-dual keys..." |
| * |
| * 1. E001E001F101F101 01E001E001F101F1 |
| * 2. FE1FFE1FFEOEFEOE 1FFE1FFEOEFEOEFE |
| * 3. E01FE01FF10EF10E 1FE01FEOOEF10EF1 |
| * 4. 01FE01FE01FE01FE FE01FE01FE01FE01 |
| * 5. 011F011F010E010E 1F011F010E010E01 |
| * 6. E0FEE0FEF1FEF1FE FEE0FEE0FEF1FEF1 |
| * 7. 0101010101010101 0101010101010101 |
| * 8. FEFEFEFEFEFEFEFE FEFEFEFEFEFEFEFE |
| * 9. E0E0E0E0F1F1F1F1 E0E0E0E0F1F1F1F1 |
| * 10. 1F1F1F1F0E0E0E0E 1F1F1F1F0E0E0E0E |
| */ |
| private static final byte[][] WEAK_KEYS = { |
| |
| { (byte)0x01, (byte)0x01, (byte)0x01, (byte)0x01, (byte)0x01, |
| (byte)0x01, (byte)0x01, (byte)0x01 }, |
| |
| { (byte)0xFE, (byte)0xFE, (byte)0xFE, (byte)0xFE, (byte)0xFE, |
| (byte)0xFE, (byte)0xFE, (byte)0xFE }, |
| |
| { (byte)0x1F, (byte)0x1F, (byte)0x1F, (byte)0x1F, (byte)0x0E, |
| (byte)0x0E, (byte)0x0E, (byte)0x0E }, |
| |
| { (byte)0xE0, (byte)0xE0, (byte)0xE0, (byte)0xE0, (byte)0xF1, |
| (byte)0xF1, (byte)0xF1, (byte)0xF1 }, |
| |
| { (byte)0x01, (byte)0xFE, (byte)0x01, (byte)0xFE, (byte)0x01, |
| (byte)0xFE, (byte)0x01, (byte)0xFE }, |
| |
| { (byte)0x1F, (byte)0xE0, (byte)0x1F, (byte)0xE0, (byte)0x0E, |
| (byte)0xF1, (byte)0x0E, (byte)0xF1 }, |
| |
| { (byte)0x01, (byte)0xE0, (byte)0x01, (byte)0xE0, (byte)0x01, |
| (byte)0xF1, (byte)0x01, (byte)0xF1 }, |
| |
| { (byte)0x1F, (byte)0xFE, (byte)0x1F, (byte)0xFE, (byte)0x0E, |
| (byte)0xFE, (byte)0x0E, (byte)0xFE }, |
| |
| { (byte)0x01, (byte)0x1F, (byte)0x01, (byte)0x1F, (byte)0x01, |
| (byte)0x0E, (byte)0x01, (byte)0x0E }, |
| |
| { (byte)0xE0, (byte)0xFE, (byte)0xE0, (byte)0xFE, (byte)0xF1, |
| (byte)0xFE, (byte)0xF1, (byte)0xFE }, |
| |
| { (byte)0xFE, (byte)0x01, (byte)0xFE, (byte)0x01, (byte)0xFE, |
| (byte)0x01, (byte)0xFE, (byte)0x01 }, |
| |
| { (byte)0xE0, (byte)0x1F, (byte)0xE0, (byte)0x1F, (byte)0xF1, |
| (byte)0x0E, (byte)0xF1, (byte)0x0E }, |
| |
| { (byte)0xE0, (byte)0x01, (byte)0xE0, (byte)0x01, (byte)0xF1, |
| (byte)0x01, (byte)0xF1, (byte)0x01 }, |
| |
| { (byte)0xFE, (byte)0x1F, (byte)0xFE, (byte)0x1F, (byte)0xFE, |
| (byte)0x0E, (byte)0xFE, (byte)0x0E }, |
| |
| { (byte)0x1F, (byte)0x01, (byte)0x1F, (byte)0x01, (byte)0x0E, |
| (byte)0x01, (byte)0x0E, (byte)0x01 }, |
| |
| { (byte)0xFE, (byte)0xE0, (byte)0xFE, (byte)0xE0, (byte)0xFE, |
| (byte)0xF1, (byte)0xFE, (byte)0xF1 } |
| }; |
| |
| /** |
| * Creates a DESKeySpec object using the first 8 bytes in |
| * <code>key</code> as the key material for the DES key. |
| * |
| * <p> The bytes that constitute the DES key are those between |
| * <code>key[0]</code> and <code>key[7]</code> inclusive. |
| * |
| * @param key the buffer with the DES key material. The first 8 bytes |
| * of the buffer are copied to protect against subsequent modification. |
| * |
| * @exception NullPointerException if the given key material is |
| * <code>null</code> |
| * @exception InvalidKeyException if the given key material is shorter |
| * than 8 bytes. |
| */ |
| public DESKeySpec(byte[] key) throws InvalidKeyException { |
| this(key, 0); |
| } |
| |
| /** |
| * Creates a DESKeySpec object using the first 8 bytes in |
| * <code>key</code>, beginning at <code>offset</code> inclusive, |
| * as the key material for the DES key. |
| * |
| * <p> The bytes that constitute the DES key are those between |
| * <code>key[offset]</code> and <code>key[offset+7]</code> inclusive. |
| * |
| * @param key the buffer with the DES key material. The first 8 bytes |
| * of the buffer beginning at <code>offset</code> inclusive are copied |
| * to protect against subsequent modification. |
| * @param offset the offset in <code>key</code>, where the DES key |
| * material starts. |
| * |
| * @exception NullPointerException if the given key material is |
| * <code>null</code> |
| * @exception InvalidKeyException if the given key material, starting at |
| * <code>offset</code> inclusive, is shorter than 8 bytes. |
| */ |
| public DESKeySpec(byte[] key, int offset) throws InvalidKeyException { |
| if (key.length - offset < DES_KEY_LEN) { |
| throw new InvalidKeyException("Wrong key size"); |
| } |
| this.key = new byte[DES_KEY_LEN]; |
| System.arraycopy(key, offset, this.key, 0, DES_KEY_LEN); |
| } |
| |
| /** |
| * Returns the DES key material. |
| * |
| * @return the DES key material. Returns a new array |
| * each time this method is called. |
| */ |
| public byte[] getKey() { |
| return this.key.clone(); |
| } |
| |
| /** |
| * Checks if the given DES key material, starting at <code>offset</code> |
| * inclusive, is parity-adjusted. |
| * |
| * @param key the buffer with the DES key material. |
| * @param offset the offset in <code>key</code>, where the DES key |
| * material starts. |
| * |
| * @return true if the given DES key material is parity-adjusted, false |
| * otherwise. |
| * |
| * @exception InvalidKeyException if the given key material is |
| * <code>null</code>, or starting at <code>offset</code> inclusive, is |
| * shorter than 8 bytes. |
| */ |
| public static boolean isParityAdjusted(byte[] key, int offset) |
| throws InvalidKeyException { |
| if (key == null) { |
| throw new InvalidKeyException("null key"); |
| } |
| if (key.length - offset < DES_KEY_LEN) { |
| throw new InvalidKeyException("Wrong key size"); |
| } |
| |
| for (int i = 0; i < DES_KEY_LEN; i++) { |
| int k = Integer.bitCount(key[offset++] & 0xff); |
| if ((k & 1) == 0) { |
| return false; |
| } |
| } |
| |
| return true; |
| } |
| |
| /** |
| * Checks if the given DES key material is weak or semi-weak. |
| * |
| * @param key the buffer with the DES key material. |
| * @param offset the offset in <code>key</code>, where the DES key |
| * material starts. |
| * |
| * @return true if the given DES key material is weak or semi-weak, false |
| * otherwise. |
| * |
| * @exception InvalidKeyException if the given key material is |
| * <code>null</code>, or starting at <code>offset</code> inclusive, is |
| * shorter than 8 bytes. |
| */ |
| public static boolean isWeak(byte[] key, int offset) |
| throws InvalidKeyException { |
| if (key == null) { |
| throw new InvalidKeyException("null key"); |
| } |
| if (key.length - offset < DES_KEY_LEN) { |
| throw new InvalidKeyException("Wrong key size"); |
| } |
| for (int i = 0; i < WEAK_KEYS.length; i++) { |
| boolean found = true; |
| for (int j = 0; j < DES_KEY_LEN && found == true; j++) { |
| if (WEAK_KEYS[i][j] != key[j+offset]) { |
| found = false; |
| } |
| } |
| if (found == true) { |
| return found; |
| } |
| } |
| return false; |
| } |
| } |