Java Code Examples for sun.security.krb5.internal.crypto.KeyUsage#isValid()

The following examples show how to use sun.security.krb5.internal.crypto.KeyUsage#isValid() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: ArcFourCrypto.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Performs encryption of Sequence Number using derived key.
 */
public byte[] encryptSeq(byte[] baseKey, int usage,
    byte[] checksum, byte[] plaintext, int start, int len)
    throws GeneralSecurityException, KrbCryptoException {

    if (!KeyUsage.isValid(usage)) {
        throw new GeneralSecurityException("Invalid key usage number: "
                                            + usage);
    }
    // derive encryption for sequence number
    byte[] salt = new byte[4];
    byte[] kSeq = getHmac(baseKey, salt);

    // derive new encryption key salted with sequence number
    kSeq = getHmac(kSeq, checksum);

    Cipher cipher = Cipher.getInstance("ARCFOUR");
    SecretKeySpec secretKey = new SecretKeySpec(kSeq, "ARCFOUR");
    cipher.init(Cipher.ENCRYPT_MODE, secretKey);
    byte[] output = cipher.doFinal(plaintext, start, len);

    return output;
}
 
Example 2
Source File: ArcFourCrypto.java    From hottub with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Performs encryption of Sequence Number using derived key.
 */
public byte[] encryptSeq(byte[] baseKey, int usage,
    byte[] checksum, byte[] plaintext, int start, int len)
    throws GeneralSecurityException, KrbCryptoException {

    if (!KeyUsage.isValid(usage)) {
        throw new GeneralSecurityException("Invalid key usage number: "
                                            + usage);
    }
    // derive encryption for sequence number
    byte[] salt = new byte[4];
    byte[] kSeq = getHmac(baseKey, salt);

    // derive new encryption key salted with sequence number
    kSeq = getHmac(kSeq, checksum);

    Cipher cipher = Cipher.getInstance("ARCFOUR");
    SecretKeySpec secretKey = new SecretKeySpec(kSeq, "ARCFOUR");
    cipher.init(Cipher.ENCRYPT_MODE, secretKey);
    byte[] output = cipher.doFinal(plaintext, start, len);

    return output;
}
 
Example 3
Source File: ArcFourCrypto.java    From dragonwell8_jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Performs encryption of Sequence Number using derived key.
 */
public byte[] encryptSeq(byte[] baseKey, int usage,
    byte[] checksum, byte[] plaintext, int start, int len)
    throws GeneralSecurityException, KrbCryptoException {

    if (!KeyUsage.isValid(usage)) {
        throw new GeneralSecurityException("Invalid key usage number: "
                                            + usage);
    }
    // derive encryption for sequence number
    byte[] salt = new byte[4];
    byte[] kSeq = getHmac(baseKey, salt);

    // derive new encryption key salted with sequence number
    kSeq = getHmac(kSeq, checksum);

    Cipher cipher = Cipher.getInstance("ARCFOUR");
    SecretKeySpec secretKey = new SecretKeySpec(kSeq, "ARCFOUR");
    cipher.init(Cipher.ENCRYPT_MODE, secretKey);
    byte[] output = cipher.doFinal(plaintext, start, len);

    return output;
}
 
Example 4
Source File: ArcFourCrypto.java    From openjdk-jdk8u with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Decrypts data using specified key and initial vector.
 * @param baseKey encryption key to use
 * @param ciphertext  encrypted data to be decrypted
 * @param usage ignored
 */
public byte[] decryptRaw(byte[] baseKey, int usage, byte[] ivec,
    byte[] ciphertext, int start, int len, byte[] seqNum)
    throws GeneralSecurityException {

    if (!KeyUsage.isValid(usage)) {
        throw new GeneralSecurityException("Invalid key usage number: "
                                            + usage);
    }
    if (debug) {
        System.out.println("\nARCFOUR: decryptRaw with usage = " + usage);
    }

    // Derive encryption key for data
    //   Key derivation salt = 0
    byte[] klocal = new byte[baseKey.length];
    for (int i = 0; i <= 15; i++) {
        klocal[i] = (byte) (baseKey[i] ^ 0xF0);
    }
    byte[] salt = new byte[4];
    byte[] kcrypt = getHmac(klocal, salt);

    // need only first 4 bytes of sequence number
    byte[] sequenceNum = new byte[4];
    System.arraycopy(seqNum, 0, sequenceNum, 0, sequenceNum.length);

    // new encryption key salted with sequence number
    kcrypt = getHmac(kcrypt, sequenceNum);

    Cipher cipher = Cipher.getInstance("ARCFOUR");
    SecretKeySpec secretKey = new SecretKeySpec(kcrypt, "ARCFOUR");
    cipher.init(Cipher.DECRYPT_MODE, secretKey);
    byte[] output = cipher.doFinal(ciphertext, start, len);

    return output;
}
 
Example 5
Source File: ArcFourCrypto.java    From jdk8u-dev-jdk with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Performs encryption using derived key; does not add confounder.
 */
public byte[] encryptRaw(byte[] baseKey, int usage,
    byte[] seqNum, byte[] plaintext, int start, int len)
    throws GeneralSecurityException, KrbCryptoException {

    if (!KeyUsage.isValid(usage)) {
        throw new GeneralSecurityException("Invalid key usage number: "
                                            + usage);
    }

    if (debug) {
        System.out.println("\nARCFOUR: encryptRaw with usage = " + usage);
    }

    // Derive encryption key for data
    //   Key derivation salt = 0
    byte[] klocal = new byte[baseKey.length];
    for (int i = 0; i <= 15; i++) {
        klocal[i] = (byte) (baseKey[i] ^ 0xF0);
    }
    byte[] salt = new byte[4];
    byte[] kcrypt = getHmac(klocal, salt);

    // Note: When using this RC4 based encryption type, the sequence number
    // is always sent in big-endian rather than little-endian order.

    // new encryption key salted with sequence number
    kcrypt = getHmac(kcrypt, seqNum);

    Cipher cipher = Cipher.getInstance("ARCFOUR");
    SecretKeySpec secretKey = new SecretKeySpec(kcrypt, "ARCFOUR");
    cipher.init(Cipher.ENCRYPT_MODE, secretKey);
    byte[] output = cipher.doFinal(plaintext, start, len);

    return output;
}
 
Example 6
Source File: AesDkCrypto.java    From openjdk-jdk9 with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Performs encryption using derived key; adds confounder.
 */
public byte[] encrypt(byte[] baseKey, int usage,
    byte[] ivec, byte[] new_ivec, byte[] plaintext, int start, int len)
    throws GeneralSecurityException, KrbCryptoException {

    if (!KeyUsage.isValid(usage)) {
        throw new GeneralSecurityException("Invalid key usage number: "
                                             + usage);
    }
    byte[] output = encryptCTS(baseKey, usage, ivec, new_ivec, plaintext,
                                    start, len, true);
    return output;
}
 
Example 7
Source File: AesDkCrypto.java    From openjdk-8 with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Performs encryption using derived key; does not add confounder.
 */
public byte[] encryptRaw(byte[] baseKey, int usage,
    byte[] ivec, byte[] plaintext, int start, int len)
    throws GeneralSecurityException, KrbCryptoException {

    if (!KeyUsage.isValid(usage)) {
        throw new GeneralSecurityException("Invalid key usage number: "
                                            + usage);
    }
    byte[] output = encryptCTS(baseKey, usage, ivec, null, plaintext,
                                    start, len, false);
    return output;
}
 
Example 8
Source File: AesDkCrypto.java    From jdk8u-dev-jdk with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Performs encryption using derived key; does not add confounder.
 */
public byte[] encryptRaw(byte[] baseKey, int usage,
    byte[] ivec, byte[] plaintext, int start, int len)
    throws GeneralSecurityException, KrbCryptoException {

    if (!KeyUsage.isValid(usage)) {
        throw new GeneralSecurityException("Invalid key usage number: "
                                            + usage);
    }
    byte[] output = encryptCTS(baseKey, usage, ivec, null, plaintext,
                                    start, len, false);
    return output;
}
 
Example 9
Source File: ArcFourCrypto.java    From jdk8u-jdk with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Decrypts data using specified key and initial vector.
 * @param baseKey encryption key to use
 * @param ciphertext  encrypted data to be decrypted
 * @param usage ignored
 */
public byte[] decryptRaw(byte[] baseKey, int usage, byte[] ivec,
    byte[] ciphertext, int start, int len, byte[] seqNum)
    throws GeneralSecurityException {

    if (!KeyUsage.isValid(usage)) {
        throw new GeneralSecurityException("Invalid key usage number: "
                                            + usage);
    }
    if (debug) {
        System.out.println("\nARCFOUR: decryptRaw with usage = " + usage);
    }

    // Derive encryption key for data
    //   Key derivation salt = 0
    byte[] klocal = new byte[baseKey.length];
    for (int i = 0; i <= 15; i++) {
        klocal[i] = (byte) (baseKey[i] ^ 0xF0);
    }
    byte[] salt = new byte[4];
    byte[] kcrypt = getHmac(klocal, salt);

    // need only first 4 bytes of sequence number
    byte[] sequenceNum = new byte[4];
    System.arraycopy(seqNum, 0, sequenceNum, 0, sequenceNum.length);

    // new encryption key salted with sequence number
    kcrypt = getHmac(kcrypt, sequenceNum);

    Cipher cipher = Cipher.getInstance("ARCFOUR");
    SecretKeySpec secretKey = new SecretKeySpec(kcrypt, "ARCFOUR");
    cipher.init(Cipher.DECRYPT_MODE, secretKey);
    byte[] output = cipher.doFinal(ciphertext, start, len);

    return output;
}
 
Example 10
Source File: ArcFourCrypto.java    From openjdk-8 with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Performs encryption using derived key; does not add confounder.
 */
public byte[] encryptRaw(byte[] baseKey, int usage,
    byte[] seqNum, byte[] plaintext, int start, int len)
    throws GeneralSecurityException, KrbCryptoException {

    if (!KeyUsage.isValid(usage)) {
        throw new GeneralSecurityException("Invalid key usage number: "
                                            + usage);
    }

    if (debug) {
        System.out.println("\nARCFOUR: encryptRaw with usage = " + usage);
    }

    // Derive encryption key for data
    //   Key derivation salt = 0
    byte[] klocal = new byte[baseKey.length];
    for (int i = 0; i <= 15; i++) {
        klocal[i] = (byte) (baseKey[i] ^ 0xF0);
    }
    byte[] salt = new byte[4];
    byte[] kcrypt = getHmac(klocal, salt);

    // Note: When using this RC4 based encryption type, the sequence number
    // is always sent in big-endian rather than little-endian order.

    // new encryption key salted with sequence number
    kcrypt = getHmac(kcrypt, seqNum);

    Cipher cipher = Cipher.getInstance("ARCFOUR");
    SecretKeySpec secretKey = new SecretKeySpec(kcrypt, "ARCFOUR");
    cipher.init(Cipher.ENCRYPT_MODE, secretKey);
    byte[] output = cipher.doFinal(plaintext, start, len);

    return output;
}
 
Example 11
Source File: AesDkCrypto.java    From openjdk-8-source with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Decrypts data using specified key and initial vector.
 * @param baseKey encryption key to use
 * @param ciphertext  encrypted data to be decrypted
 * @param usage ignored
 */
public byte[] decryptRaw(byte[] baseKey, int usage, byte[] ivec,
    byte[] ciphertext, int start, int len)
    throws GeneralSecurityException {

    if (!KeyUsage.isValid(usage)) {
        throw new GeneralSecurityException("Invalid key usage number: "
                                            + usage);
    }
    byte[] output = decryptCTS(baseKey, usage, ivec, ciphertext,
                                    start, len, false);
    return output;
}
 
Example 12
Source File: AesDkCrypto.java    From openjdk-8-source with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Performs encryption using derived key; adds confounder.
 */
public byte[] encrypt(byte[] baseKey, int usage,
    byte[] ivec, byte[] new_ivec, byte[] plaintext, int start, int len)
    throws GeneralSecurityException, KrbCryptoException {

    if (!KeyUsage.isValid(usage)) {
        throw new GeneralSecurityException("Invalid key usage number: "
                                             + usage);
    }
    byte[] output = encryptCTS(baseKey, usage, ivec, new_ivec, plaintext,
                                    start, len, true);
    return output;
}
 
Example 13
Source File: ArcFourCrypto.java    From jdk8u-jdk with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Performs encryption using derived key; does not add confounder.
 */
public byte[] encryptRaw(byte[] baseKey, int usage,
    byte[] seqNum, byte[] plaintext, int start, int len)
    throws GeneralSecurityException, KrbCryptoException {

    if (!KeyUsage.isValid(usage)) {
        throw new GeneralSecurityException("Invalid key usage number: "
                                            + usage);
    }

    if (debug) {
        System.out.println("\nARCFOUR: encryptRaw with usage = " + usage);
    }

    // Derive encryption key for data
    //   Key derivation salt = 0
    byte[] klocal = new byte[baseKey.length];
    for (int i = 0; i <= 15; i++) {
        klocal[i] = (byte) (baseKey[i] ^ 0xF0);
    }
    byte[] salt = new byte[4];
    byte[] kcrypt = getHmac(klocal, salt);

    // Note: When using this RC4 based encryption type, the sequence number
    // is always sent in big-endian rather than little-endian order.

    // new encryption key salted with sequence number
    kcrypt = getHmac(kcrypt, seqNum);

    Cipher cipher = Cipher.getInstance("ARCFOUR");
    SecretKeySpec secretKey = new SecretKeySpec(kcrypt, "ARCFOUR");
    cipher.init(Cipher.ENCRYPT_MODE, secretKey);
    byte[] output = cipher.doFinal(plaintext, start, len);

    return output;
}
 
Example 14
Source File: ArcFourCrypto.java    From dragonwell8_jdk with GNU General Public License v2.0 4 votes vote down vote up
/**
 * @param baseKey key from which keys are to be derived using usage
 * @param ciphertext  E(Ke, conf | plaintext | padding, ivec) | H1[1..h]
 */
public byte[] decrypt(byte[] baseKey, int usage, byte[] ivec,
    byte[] ciphertext, int start, int len)
    throws GeneralSecurityException {

    if (!KeyUsage.isValid(usage)) {
        throw new GeneralSecurityException("Invalid key usage number: "
                                            + usage);
    }
    if (debug) {
        System.out.println("\nARCFOUR: DECRYPT using key usage = " + usage);
    }

    // compute K1
    byte[] k1 = new byte[baseKey.length];
    System.arraycopy(baseKey, 0, k1, 0, baseKey.length);

    // get the salt using key usage
    byte[] salt = getSalt(usage);

    // compute K2 using K1
    byte[] k2 = getHmac(k1, salt);

    // compute K3 using K2 and checksum
    byte[] checksum = new byte[hashSize];
    System.arraycopy(ciphertext, start, checksum, 0, hashSize);
    byte[] k3 = getHmac(k2, checksum);

    // Decrypt [confounder | plaintext ] (without checksum)
    Cipher cipher = Cipher.getInstance("ARCFOUR");
    SecretKeySpec secretKey = new SecretKeySpec(k3, "ARCFOUR");
    cipher.init(Cipher.DECRYPT_MODE, secretKey);
    byte[] plaintext = cipher.doFinal(ciphertext, start+hashSize,
                                            len-hashSize);

    // Verify checksum
    byte[] calculatedHmac = getHmac(k2, plaintext);
    if (debug) {
        traceOutput("calculated Hmac", calculatedHmac, 0,
                            calculatedHmac.length);
        traceOutput("message Hmac", ciphertext, 0,
                            hashSize);
    }
    boolean cksumFailed = false;
    if (calculatedHmac.length >= hashSize) {
        for (int i = 0; i < hashSize; i++) {
            if (calculatedHmac[i] != ciphertext[i]) {
                cksumFailed = true;
                if (debug) {
                    System.err.println("Checksum failed !");
                }
                break;
            }
        }
    }
    if (cksumFailed) {
        throw new GeneralSecurityException("Checksum failed");
    }

    // Get rid of confounder
    // [ confounder | plaintext ]
    byte[] output = new byte[plaintext.length - confounderSize];
    System.arraycopy(plaintext, confounderSize, output, 0, output.length);

    return output;
}
 
Example 15
Source File: ArcFourCrypto.java    From openjdk-8 with GNU General Public License v2.0 4 votes vote down vote up
/**
 * Performs encryption using derived key; adds confounder.
 */
public byte[] encrypt(byte[] baseKey, int usage,
    byte[] ivec, byte[] new_ivec, byte[] plaintext, int start, int len)
    throws GeneralSecurityException, KrbCryptoException {

    if (!KeyUsage.isValid(usage)) {
        throw new GeneralSecurityException("Invalid key usage number: "
                                             + usage);
    }

    if (debug) {
        System.out.println("ArcFour: ENCRYPT with key usage = " + usage);
    }

    // get the confounder
    byte[] confounder = Confounder.bytes(confounderSize);

    // add confounder to the plaintext for encryption
    int plainSize = roundup(confounder.length + len, 1);
    byte[] toBeEncrypted = new byte[plainSize];
    System.arraycopy(confounder, 0, toBeEncrypted, 0, confounder.length);
    System.arraycopy(plaintext, start, toBeEncrypted,
                            confounder.length, len);

    /* begin the encryption, compute K1 */
    byte[] k1 = new byte[baseKey.length];
    System.arraycopy(baseKey, 0, k1, 0, baseKey.length);

    // get the salt using key usage
    byte[] salt = getSalt(usage);

    // compute K2 using K1
    byte[] k2 = getHmac(k1, salt);

    // generate checksum using K2
    byte[] checksum = getHmac(k2, toBeEncrypted);

    // compute K3 using K2 and checksum
    byte[] k3 = getHmac(k2, checksum);

    Cipher cipher = Cipher.getInstance("ARCFOUR");
    SecretKeySpec secretKey = new SecretKeySpec(k3, "ARCFOUR");
    cipher.init(Cipher.ENCRYPT_MODE, secretKey);
    byte[] output = cipher.doFinal(toBeEncrypted, 0, toBeEncrypted.length);

    // encryptedData + HMAC
    byte[] result = new byte[hashSize + output.length];
    System.arraycopy(checksum, 0, result, 0, hashSize);
    System.arraycopy(output, 0, result, hashSize, output.length);

    return result;
}
 
Example 16
Source File: AesDkCrypto.java    From hottub with GNU General Public License v2.0 4 votes vote down vote up
/**
 * Calculate the checksum
 */
public byte[] calculateChecksum(byte[] baseKey, int usage, byte[] input,
    int start, int len) throws GeneralSecurityException {

    if (!KeyUsage.isValid(usage)) {
        throw new GeneralSecurityException("Invalid key usage number: "
                                            + usage);
    }

    // Derive keys
    byte[] constant = new byte[5];
    constant[0] = (byte) ((usage>>24)&0xff);
    constant[1] = (byte) ((usage>>16)&0xff);
    constant[2] = (byte) ((usage>>8)&0xff);
    constant[3] = (byte) (usage&0xff);

    constant[4] = (byte) 0x99;

    byte[] Kc = dk(baseKey, constant);  // Checksum key
    if (debug) {
        System.err.println("usage: " + usage);
        traceOutput("input", input, start, Math.min(len, 32));
        traceOutput("constant", constant, 0, constant.length);
        traceOutput("baseKey", baseKey, 0, baseKey.length);
        traceOutput("Kc", Kc, 0, Kc.length);
    }

    try {
        // Generate checksum
        // H1 = HMAC(Kc, input)
        byte[] hmac = getHmac(Kc, input);
        if (debug) {
            traceOutput("hmac", hmac, 0, hmac.length);
        }
        if (hmac.length == getChecksumLength()) {
            return hmac;
        } else if (hmac.length > getChecksumLength()) {
            byte[] buf = new byte[getChecksumLength()];
            System.arraycopy(hmac, 0, buf, 0, buf.length);
            return buf;
        } else {
            throw new GeneralSecurityException("checksum size too short: " +
                    hmac.length + "; expecting : " + getChecksumLength());
        }
    } finally {
        Arrays.fill(Kc, 0, Kc.length, (byte)0);
    }
}
 
Example 17
Source File: ArcFourCrypto.java    From jdk8u-jdk with GNU General Public License v2.0 4 votes vote down vote up
/**
 * @param baseKey key from which keys are to be derived using usage
 * @param ciphertext  E(Ke, conf | plaintext | padding, ivec) | H1[1..h]
 */
public byte[] decrypt(byte[] baseKey, int usage, byte[] ivec,
    byte[] ciphertext, int start, int len)
    throws GeneralSecurityException {

    if (!KeyUsage.isValid(usage)) {
        throw new GeneralSecurityException("Invalid key usage number: "
                                            + usage);
    }
    if (debug) {
        System.out.println("\nARCFOUR: DECRYPT using key usage = " + usage);
    }

    // compute K1
    byte[] k1 = new byte[baseKey.length];
    System.arraycopy(baseKey, 0, k1, 0, baseKey.length);

    // get the salt using key usage
    byte[] salt = getSalt(usage);

    // compute K2 using K1
    byte[] k2 = getHmac(k1, salt);

    // compute K3 using K2 and checksum
    byte[] checksum = new byte[hashSize];
    System.arraycopy(ciphertext, start, checksum, 0, hashSize);
    byte[] k3 = getHmac(k2, checksum);

    // Decrypt [confounder | plaintext ] (without checksum)
    Cipher cipher = Cipher.getInstance("ARCFOUR");
    SecretKeySpec secretKey = new SecretKeySpec(k3, "ARCFOUR");
    cipher.init(Cipher.DECRYPT_MODE, secretKey);
    byte[] plaintext = cipher.doFinal(ciphertext, start+hashSize,
                                            len-hashSize);

    // Verify checksum
    byte[] calculatedHmac = getHmac(k2, plaintext);
    if (debug) {
        traceOutput("calculated Hmac", calculatedHmac, 0,
                            calculatedHmac.length);
        traceOutput("message Hmac", ciphertext, 0,
                            hashSize);
    }
    boolean cksumFailed = false;
    if (calculatedHmac.length >= hashSize) {
        for (int i = 0; i < hashSize; i++) {
            if (calculatedHmac[i] != ciphertext[i]) {
                cksumFailed = true;
                if (debug) {
                    System.err.println("Checksum failed !");
                }
                break;
            }
        }
    }
    if (cksumFailed) {
        throw new GeneralSecurityException("Checksum failed");
    }

    // Get rid of confounder
    // [ confounder | plaintext ]
    byte[] output = new byte[plaintext.length - confounderSize];
    System.arraycopy(plaintext, confounderSize, output, 0, output.length);

    return output;
}
 
Example 18
Source File: DkCrypto.java    From jdk8u60 with GNU General Public License v2.0 4 votes vote down vote up
public byte[] calculateChecksum(byte[] baseKey, int usage, byte[] input,
    int start, int len) throws GeneralSecurityException {

    if (!KeyUsage.isValid(usage)) {
        throw new GeneralSecurityException("Invalid key usage number: "
                                            + usage);
    }

    // Derive keys
    byte[] constant = new byte[5];
    constant[0] = (byte) ((usage>>24)&0xff);
    constant[1] = (byte) ((usage>>16)&0xff);
    constant[2] = (byte) ((usage>>8)&0xff);
    constant[3] = (byte) (usage&0xff);

    constant[4] = (byte) 0x99;

    byte[] Kc = dk(baseKey, constant);  // Checksum key
    if (debug) {
        System.err.println("usage: " + usage);
        traceOutput("input", input, start, Math.min(len, 32));
        traceOutput("constant", constant, 0, constant.length);
        traceOutput("baseKey", baseKey, 0, baseKey.length);
        traceOutput("Kc", Kc, 0, Kc.length);
    }

    try {
        // Generate checksum
        // H1 = HMAC(Kc, input)
        byte[] hmac = getHmac(Kc, input);
        if (debug) {
            traceOutput("hmac", hmac, 0, hmac.length);
        }
        if (hmac.length == getChecksumLength()) {
            return hmac;
        } else if (hmac.length > getChecksumLength()) {
            byte[] buf = new byte[getChecksumLength()];
            System.arraycopy(hmac, 0, buf, 0, buf.length);
            return buf;
        } else {
            throw new GeneralSecurityException("checksum size too short: " +
                hmac.length + "; expecting : " + getChecksumLength());
        }
    } finally {
        Arrays.fill(Kc, 0, Kc.length, (byte)0);
    }
}
 
Example 19
Source File: ArcFourCrypto.java    From openjdk-8 with GNU General Public License v2.0 4 votes vote down vote up
/**
 * @param baseKey key from which keys are to be derived using usage
 * @param ciphertext  E(Ke, conf | plaintext | padding, ivec) | H1[1..h]
 */
public byte[] decrypt(byte[] baseKey, int usage, byte[] ivec,
    byte[] ciphertext, int start, int len)
    throws GeneralSecurityException {

    if (!KeyUsage.isValid(usage)) {
        throw new GeneralSecurityException("Invalid key usage number: "
                                            + usage);
    }
    if (debug) {
        System.out.println("\nARCFOUR: DECRYPT using key usage = " + usage);
    }

    // compute K1
    byte[] k1 = new byte[baseKey.length];
    System.arraycopy(baseKey, 0, k1, 0, baseKey.length);

    // get the salt using key usage
    byte[] salt = getSalt(usage);

    // compute K2 using K1
    byte[] k2 = getHmac(k1, salt);

    // compute K3 using K2 and checksum
    byte[] checksum = new byte[hashSize];
    System.arraycopy(ciphertext, start, checksum, 0, hashSize);
    byte[] k3 = getHmac(k2, checksum);

    // Decrypt [confounder | plaintext ] (without checksum)
    Cipher cipher = Cipher.getInstance("ARCFOUR");
    SecretKeySpec secretKey = new SecretKeySpec(k3, "ARCFOUR");
    cipher.init(Cipher.DECRYPT_MODE, secretKey);
    byte[] plaintext = cipher.doFinal(ciphertext, start+hashSize,
                                            len-hashSize);

    // Verify checksum
    byte[] calculatedHmac = getHmac(k2, plaintext);
    if (debug) {
        traceOutput("calculated Hmac", calculatedHmac, 0,
                            calculatedHmac.length);
        traceOutput("message Hmac", ciphertext, 0,
                            hashSize);
    }
    boolean cksumFailed = false;
    if (calculatedHmac.length >= hashSize) {
        for (int i = 0; i < hashSize; i++) {
            if (calculatedHmac[i] != ciphertext[i]) {
                cksumFailed = true;
                if (debug) {
                    System.err.println("Checksum failed !");
                }
                break;
            }
        }
    }
    if (cksumFailed) {
        throw new GeneralSecurityException("Checksum failed");
    }

    // Get rid of confounder
    // [ confounder | plaintext ]
    byte[] output = new byte[plaintext.length - confounderSize];
    System.arraycopy(plaintext, confounderSize, output, 0, output.length);

    return output;
}
 
Example 20
Source File: DkCrypto.java    From openjdk-8 with GNU General Public License v2.0 4 votes vote down vote up
public byte[] calculateChecksum(byte[] baseKey, int usage, byte[] input,
    int start, int len) throws GeneralSecurityException {

    if (!KeyUsage.isValid(usage)) {
        throw new GeneralSecurityException("Invalid key usage number: "
                                            + usage);
    }

    // Derive keys
    byte[] constant = new byte[5];
    constant[0] = (byte) ((usage>>24)&0xff);
    constant[1] = (byte) ((usage>>16)&0xff);
    constant[2] = (byte) ((usage>>8)&0xff);
    constant[3] = (byte) (usage&0xff);

    constant[4] = (byte) 0x99;

    byte[] Kc = dk(baseKey, constant);  // Checksum key
    if (debug) {
        System.err.println("usage: " + usage);
        traceOutput("input", input, start, Math.min(len, 32));
        traceOutput("constant", constant, 0, constant.length);
        traceOutput("baseKey", baseKey, 0, baseKey.length);
        traceOutput("Kc", Kc, 0, Kc.length);
    }

    try {
        // Generate checksum
        // H1 = HMAC(Kc, input)
        byte[] hmac = getHmac(Kc, input);
        if (debug) {
            traceOutput("hmac", hmac, 0, hmac.length);
        }
        if (hmac.length == getChecksumLength()) {
            return hmac;
        } else if (hmac.length > getChecksumLength()) {
            byte[] buf = new byte[getChecksumLength()];
            System.arraycopy(hmac, 0, buf, 0, buf.length);
            return buf;
        } else {
            throw new GeneralSecurityException("checksum size too short: " +
                hmac.length + "; expecting : " + getChecksumLength());
        }
    } finally {
        Arrays.fill(Kc, 0, Kc.length, (byte)0);
    }
}