diff options
Diffstat (limited to 'libjava/classpath/gnu/javax/crypto/mode/OFB.java')
| -rw-r--r-- | libjava/classpath/gnu/javax/crypto/mode/OFB.java | 174 |
1 files changed, 174 insertions, 0 deletions
diff --git a/libjava/classpath/gnu/javax/crypto/mode/OFB.java b/libjava/classpath/gnu/javax/crypto/mode/OFB.java new file mode 100644 index 000000000..087f99132 --- /dev/null +++ b/libjava/classpath/gnu/javax/crypto/mode/OFB.java @@ -0,0 +1,174 @@ +/* OFB.java -- + Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.crypto.mode; + +import gnu.java.security.Registry; +import gnu.javax.crypto.cipher.IBlockCipher; + +/** + * The Output Feedback (OFB) mode is a confidentiality mode that requires a + * unique <code>IV</code> for every message that is ever encrypted under the + * given key. The OFB mode is defined as follows: + * <ul> + * <li>OFB Encryption: + * <ul> + * <li>I<sub>1</sub> = IV;</li> + * <li>I<sub>j</sub> = O<sub>j -1</sub> for j = 2...n;</li> + * <li>O<sub>j</sub> = CIPH<sub>K</sub>(I<sub>j</sub>) for j = 1, 2...n;</li> + * <li>C<sub>j</sub> = P<sub>j</sub> XOR O<sub>j</sub> for j = 1, 2...n.</li> + * </ul> + * </li> + * <li>OFB Decryption: + * <ul> + * <li>I<sub>1</sub> = IV;</li> + * <li>I<sub>j</sub> = O<sub>j -1</sub> for j = 2...n;</li> + * <li>O<sub>j</sub> = CIPH<sub>K</sub>(I<sub>j</sub>) for j = 1, 2...n;</li> + * <li>P<sub>j</sub> = C<sub>j</sub> XOR O<sub>j</sub> for j = 1, 2...n.</li> + * </ul> + * </li> + * </ul> + * <p> + * In OFB encryption, the <code>IV</code> is transformed by the forward cipher + * function to produce the first output block. The first output block is + * exclusive-ORed with the first plaintext block to produce the first ciphertext + * block. The first output block is then transformed by the forward cipher + * function to produce the second output block. The second output block is + * exclusive-ORed with the second plaintext block to produce the second + * ciphertext block, and the second output block is transformed by the forward + * cipher function to produce the third output block. Thus, the successive + * output blocks are produced from enciphering the previous output blocks, and + * the output blocks are exclusive-ORed with the corresponding plaintext blocks + * to produce the ciphertext blocks. + * <p> + * In OFB decryption, the <code>IV</code> is transformed by the forward cipher + * function to produce the first output block. The first output block is + * exclusive-ORed with the first ciphertext block to recover the first plaintext + * block. The first output block is then transformed by the forward cipher + * function to produce the second output block. The second output block is + * exclusive-ORed with the second ciphertext block to produce the second + * plaintext block, and the second output block is also transformed by the + * forward cipher function to produce the third output block. Thus, the + * successive output blocks are produced from enciphering the previous output + * blocks, and the output blocks are exclusive-ORed with the corresponding + * ciphertext blocks to recover the plaintext blocks. + * <p> + * In both OFB encryption and OFB decryption, each forward cipher function + * (except the first) depends on the results of the previous forward cipher + * function; therefore, multiple forward cipher functions cannot be performed in + * parallel. However, if the <code>IV</code> is known, the output blocks can + * be generated prior to the availability of the plaintext or ciphertext data. + * <p> + * The OFB mode requires a unique <code>IV</code> for every message that is + * ever encrypted under the given key. If, contrary to this requirement, the + * same <code>IV</code> is used for the encryption of more than one message, + * then the confidentiality of those messages may be compromised. In particular, + * if a plaintext block of any of these messages is known, say, the j<sup>th</sup> + * plaintext block, then the j<sup>th</sup> output of the forward cipher + * function can be determined easily from the j<sup>th</sup> ciphertext block + * of the message. This information allows the j<sup>th</sup> plaintext block + * of any other message that is encrypted using the same <code>IV</code> to be + * easily recovered from the jth ciphertext block of that message. + * <p> + * Confidentiality may similarly be compromised if any of the input blocks to + * the forward cipher function for the encryption of a message is used as the + * <code>IV</code> for the encryption of another message under the given key. + * <p> + * References: + * <ol> + * <li><a + * href="http://csrc.nist.gov/encryption/modes/Recommendation/Modes01.pdf"> + * Recommendation for Block Cipher Modes of Operation Methods and Techniques</a>, + * Morris Dworkin.</li> + * </ol> + */ +public class OFB + extends BaseMode + implements Cloneable +{ + private byte[] outputBlock; + + /** + * Trivial package-private constructor for use by the Factory class. + * + * @param underlyingCipher the underlying cipher implementation. + * @param cipherBlockSize the underlying cipher block size to use. + */ + OFB(IBlockCipher underlyingCipher, int cipherBlockSize) + { + super(Registry.OFB_MODE, underlyingCipher, cipherBlockSize); + } + + /** + * Private constructor for cloning purposes. + * + * @param that the mode to clone. + */ + private OFB(OFB that) + { + this((IBlockCipher) that.cipher.clone(), that.cipherBlockSize); + } + + public Object clone() + { + return new OFB(this); + } + + public void setup() + { + if (modeBlockSize != cipherBlockSize) + throw new IllegalArgumentException(IMode.MODE_BLOCK_SIZE); + outputBlock = (byte[]) iv.clone(); + } + + public void teardown() + { + } + + public void encryptBlock(byte[] in, int i, byte[] out, int o) + { + cipher.encryptBlock(outputBlock, 0, outputBlock, 0); + for (int j = 0; j < cipherBlockSize;) + out[o++] = (byte)(in[i++] ^ outputBlock[j++]); + } + + public void decryptBlock(byte[] in, int i, byte[] out, int o) + { + this.encryptBlock(in, i, out, o); + } +} |