diff options
Diffstat (limited to 'libjava/classpath/javax/crypto/Mac.java')
| -rw-r--r-- | libjava/classpath/javax/crypto/Mac.java | 434 |
1 files changed, 434 insertions, 0 deletions
diff --git a/libjava/classpath/javax/crypto/Mac.java b/libjava/classpath/javax/crypto/Mac.java new file mode 100644 index 000000000..9175e5800 --- /dev/null +++ b/libjava/classpath/javax/crypto/Mac.java @@ -0,0 +1,434 @@ +/* Mac.java -- The message authentication code interface. + Copyright (C) 2004 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package javax.crypto; + +import gnu.java.security.Engine; + +import java.lang.reflect.InvocationTargetException; +import java.nio.ByteBuffer; +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidKeyException; +import java.security.Key; +import java.security.NoSuchAlgorithmException; +import java.security.NoSuchProviderException; +import java.security.Provider; +import java.security.Security; +import java.security.spec.AlgorithmParameterSpec; + +/** + * This class implements a "message authentication code" (MAC), a method + * to ensure the integrity of data transmitted between two parties who + * share a common secret key. + * + * <p>The best way to describe a MAC is as a <i>keyed one-way hash + * function</i>, which looks like: + * + * <blockquote><p><code>D = MAC(K, M)</code></blockquote> + * + * <p>where <code>K</code> is the key, <code>M</code> is the message, + * and <code>D</code> is the resulting digest. One party will usually + * send the concatenation <code>M || D</code> to the other party, who + * will then verify <code>D</code> by computing <code>D'</code> in a + * similar fashion. If <code>D == D'</code>, then the message is assumed + * to be authentic. + * + * @author Casey Marshall (csm@gnu.org) + */ +public class Mac implements Cloneable +{ + + // Fields. + // ------------------------------------------------------------------------ + + private static final String SERVICE = "Mac"; + + /** The underlying MAC implementation. */ + private MacSpi macSpi; + + /** The provider we got our implementation from. */ + private Provider provider; + + /** The name of the algorithm. */ + private String algorithm; + + /** Whether or not we've been initialized. */ + private boolean virgin; + + // Constructor. + // ------------------------------------------------------------------------ + + /** + * Creates a new Mac instance. + * + * @param macSpi The underlying MAC implementation. + * @param provider The provider of this implementation. + * @param algorithm The name of this MAC algorithm. + */ + protected Mac(MacSpi macSpi, Provider provider, String algorithm) + { + this.macSpi = macSpi; + this.provider = provider; + this.algorithm = algorithm; + virgin = true; + } + + /** + * Create an instance of the named algorithm from the first provider with an + * appropriate implementation. + * + * @param algorithm The name of the algorithm. + * @return An appropriate Mac instance, if the specified algorithm is + * implemented by a provider. + * @throws NoSuchAlgorithmException If no implementation of the named + * algorithm is installed. + * @throws IllegalArgumentException if <code>algorithm</code> is + * <code>null</code> or is an empty string. + */ + public static final Mac getInstance(String algorithm) + throws NoSuchAlgorithmException + { + Provider[] p = Security.getProviders(); + NoSuchAlgorithmException lastException = null; + for (int i = 0; i < p.length; i++) + try + { + return getInstance(algorithm, p[i]); + } + catch (NoSuchAlgorithmException x) + { + lastException = x; + } + if (lastException != null) + throw lastException; + throw new NoSuchAlgorithmException(algorithm); + } + + /** + * Create an instance of the named algorithm from the named provider. + * + * @param algorithm The name of the algorithm. + * @param provider The name of the provider. + * @return An appropriate Mac instance, if the specified algorithm is + * implemented by the named provider. + * @throws NoSuchAlgorithmException If the named provider has no + * implementation of the algorithm. + * @throws NoSuchProviderException If the named provider does not exist. + * @throws IllegalArgumentException if either <code>algorithm</code> or + * <code>provider</code> is <code>null</code>, or if + * <code>algorithm</code> is an empty string. + */ + public static final Mac getInstance(String algorithm, String provider) + throws NoSuchAlgorithmException, NoSuchProviderException + { + if (provider == null) + throw new IllegalArgumentException("provider MUST NOT be null"); + Provider p = Security.getProvider(provider); + if (p == null) + throw new NoSuchProviderException(provider); + return getInstance(algorithm, p); + } + + /** + * Create an instance of the named algorithm from a provider. + * + * @param algorithm The name of the algorithm. + * @param provider The provider. + * @return An appropriate Mac instance, if the specified algorithm is + * implemented by the provider. + * @throws NoSuchAlgorithmException If the provider has no implementation of + * the algorithm. + * @throws IllegalArgumentException if either <code>algorithm</code> or + * <code>provider</code> is <code>null</code>, or if + * <code>algorithm</code> is an empty string. + */ + public static final Mac getInstance(String algorithm, Provider provider) + throws NoSuchAlgorithmException + { + StringBuilder sb = new StringBuilder("Mac algorithm [") + .append(algorithm).append("] from provider[") + .append(provider).append("] could not be created"); + Throwable cause; + try + { + Object spi = Engine.getInstance(SERVICE, algorithm, provider); + return new Mac((MacSpi) spi, provider, algorithm); + } + catch (InvocationTargetException x) + { + cause = x.getCause(); + if (cause instanceof NoSuchAlgorithmException) + throw (NoSuchAlgorithmException) cause; + if (cause == null) + cause = x; + } + catch (ClassCastException x) + { + cause = x; + } + NoSuchAlgorithmException x = new NoSuchAlgorithmException(sb.toString()); + x.initCause(cause); + throw x; + } + + /** + * Finishes the computation of a MAC and returns the digest. + * + * <p>After this method succeeds, it may be used again as just after a + * call to <code>init</code>, and can compute another MAC using the + * same key and parameters. + * + * @return The message authentication code. + * @throws java.lang.IllegalStateException If this instnace has not + * been initialized. + */ + public final byte[] doFinal() throws IllegalStateException + { + if (virgin) + { + throw new IllegalStateException("not initialized"); + } + byte[] digest = macSpi.engineDoFinal(); + reset(); + return digest; + } + + /** + * Finishes the computation of a MAC with a final byte array (or + * computes a MAC over those bytes only) and returns the digest. + * + * <p>After this method succeeds, it may be used again as just after a + * call to <code>init</code>, and can compute another MAC using the + * same key and parameters. + * + * @param input The bytes to add. + * @return The message authentication code. + * @throws java.lang.IllegalStateException If this instnace has not + * been initialized. + */ + public final byte[] doFinal(byte[] input) throws IllegalStateException + { + update(input); + byte[] digest = macSpi.engineDoFinal(); + reset(); + return digest; + } + + /** + * Finishes the computation of a MAC and places the result into the + * given array. + * + * <p>After this method succeeds, it may be used again as just after a + * call to <code>init</code>, and can compute another MAC using the + * same key and parameters. + * + * @param output The destination for the result. + * @param outOffset The index in the output array to start. + * @return The message authentication code. + * @throws java.lang.IllegalStateException If this instnace has not + * been initialized. + * @throws javax.crypto.ShortBufferException If <code>output</code> is + * not large enough to hold the result. + */ + public final void doFinal(byte[] output, int outOffset) + throws IllegalStateException, ShortBufferException + { + if (virgin) + { + throw new IllegalStateException("not initialized"); + } + if (output.length - outOffset < getMacLength()) + { + throw new ShortBufferException(); + } + byte[] mac = macSpi.engineDoFinal(); + System.arraycopy(mac, 0, output, outOffset, getMacLength()); + reset(); + } + + /** + * Returns the name of this MAC algorithm. + * + * @return The MAC name. + */ + public final String getAlgorithm() + { + return algorithm; + } + + /** + * Get the size of the MAC. This is the size of the array returned by + * {@link #doFinal()} and {@link #doFinal(byte[])}, and the minimum + * number of bytes that must be available in the byte array passed to + * {@link #doFinal(byte[],int)}. + * + * @return The MAC length. + */ + public final int getMacLength() + { + return macSpi.engineGetMacLength(); + } + + /** + * Get the provider of the underlying implementation. + * + * @return The provider. + */ + public final Provider getProvider() + { + return provider; + } + + /** + * Initialize this MAC with a key and no parameters. + * + * @param key The key to initialize this instance with. + * @throws java.security.InvalidKeyException If the key is + * unacceptable. + */ + public final void init(Key key) throws InvalidKeyException + { + try + { + init(key, null); + } + catch (InvalidAlgorithmParameterException iape) + { + throw new IllegalArgumentException(algorithm + " needs parameters"); + } + } + + /** + * Initialize this MAC with a key and parameters. + * + * @param key The key to initialize this instance with. + * @param params The algorithm-specific parameters. + * @throws java.security.InvalidAlgorithmParameterException If the + * algorithm parameters are unacceptable. + * @throws java.security.InvalidKeyException If the key is + * unacceptable. + */ + public final void init(Key key, AlgorithmParameterSpec params) + throws InvalidAlgorithmParameterException, InvalidKeyException + { + macSpi.engineInit(key, params); + virgin = false; // w00t! + } + + /** + * Reset this instance. A call to this method returns this instance + * back to the state it was in just after it was initialized. + */ + public final void reset() + { + macSpi.engineReset(); + } + + /** + * Update the computation with a single byte. + * + * @param input The next byte. + * @throws java.lang.IllegalStateException If this instance has not + * been initialized. + */ + public final void update(byte input) throws IllegalStateException + { + if (virgin) + { + throw new IllegalStateException("not initialized"); + } + macSpi.engineUpdate(input); + } + + /** + * Update the computation with a byte array. + * + * @param input The next bytes. + * @throws java.lang.IllegalStateException If this instance has not + * been initialized. + */ + public final void update(byte[] input) throws IllegalStateException + { + update(input, 0, input.length); + } + + /** + * Update the computation with a portion of a byte array. + * + * @param input The next bytes. + * @param offset The index in <code>input</code> to start. + * @param length The number of bytes to update. + * @throws java.lang.IllegalStateException If this instance has not + * been initialized. + */ + public final void update(byte[] input, int offset, int length) + throws IllegalStateException + { + if (virgin) + { + throw new IllegalStateException("not initialized"); + } + macSpi.engineUpdate(input, offset, length); + } + + /** + * Update this MAC with the remaining bytes in the given buffer + * @param buffer The input buffer. + * @since 1.5 + */ + public final void update (final ByteBuffer buffer) + { + if (virgin) + throw new IllegalStateException ("not initialized"); + macSpi.engineUpdate(buffer); + } + + /** + * Clone this instance, if the underlying implementation supports it. + * + * @return A clone of this instance. + * @throws java.lang.CloneNotSupportedException If the underlying + * implementation is not cloneable. + */ + public final Object clone() throws CloneNotSupportedException + { + Mac result = new Mac((MacSpi) macSpi.clone(), provider, algorithm); + result.virgin = virgin; + return result; + } +} |