001    /* DESKeySpec -- Keys for DES.
002       Copyright (C) 2004  Free Software Foundation, Inc.
003    
004    This file is part of GNU Classpath.
005    
006    GNU Classpath is free software; you can redistribute it and/or modify
007    it under the terms of the GNU General Public License as published by
008    the Free Software Foundation; either version 2, or (at your option)
009    any later version.
010    
011    GNU Classpath is distributed in the hope that it will be useful, but
012    WITHOUT ANY WARRANTY; without even the implied warranty of
013    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
014    General Public License for more details.
015    
016    You should have received a copy of the GNU General Public License
017    along with GNU Classpath; see the file COPYING.  If not, write to the
018    Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
019    02110-1301 USA.
020    
021    Linking this library statically or dynamically with other modules is
022    making a combined work based on this library.  Thus, the terms and
023    conditions of the GNU General Public License cover the whole
024    combination.
025    
026    As a special exception, the copyright holders of this library give you
027    permission to link this library with independent modules to produce an
028    executable, regardless of the license terms of these independent
029    modules, and to copy and distribute the resulting executable under
030    terms of your choice, provided that you also meet, for each linked
031    independent module, the terms and conditions of the license of that
032    module.  An independent module is a module which is not derived from
033    or based on this library.  If you modify this library, you may extend
034    this exception to your version of the library, but you are not
035    obligated to do so.  If you do not wish to do so, delete this
036    exception statement from your version. */
037    
038    
039    package javax.crypto.spec;
040    
041    import java.security.InvalidKeyException;
042    import java.security.spec.KeySpec;
043    
044    /**
045     * This class is a transparent wrapper for DES keys, which are arrays
046     * of 8 bytes.
047     *
048     * @author Casey Marshall (csm@gnu.org)
049     * @since 1.4
050     */
051    public class DESKeySpec implements KeySpec
052    {
053    
054      // Constants.
055      // ------------------------------------------------------------------------
056    
057      /**
058       * The length of a DES key, in bytes.
059       */
060      public static final int DES_KEY_LEN = 8;
061    
062      /**
063       * The key bytes.
064       */
065      private byte[] key;
066    
067      // Constructors.
068      // ------------------------------------------------------------------------
069    
070      /**
071       * Create a new DES key spec, copying the first 8 bytes from the
072       * byte array.
073       *
074       * @param key The key bytes.
075       * @throws java.security.InvalidKeyException If there are less than 8
076       *         bytes in the array.
077       */
078      public DESKeySpec(byte[] key) throws InvalidKeyException
079      {
080        this(key, 0);
081      }
082    
083      /**
084       * Create a new DES key spec, starting at <code>offset</code> in
085       * the byte array. The first 8 bytes starting at <code>offset</code>
086       * are copied.
087       *
088       * @param key    The key bytes.
089       * @param offset The offset into the byte array at which to begin.
090       * @throws java.security.InvalidKeyException If there are less than 8
091       *         bytes starting at <code>offset</code>.
092       */
093      public DESKeySpec(byte[] key, int offset) throws InvalidKeyException
094      {
095        if (key.length - offset < DES_KEY_LEN)
096          {
097            throw new InvalidKeyException("DES keys must be 8 bytes long");
098          }
099        this.key = new byte[DES_KEY_LEN];
100        System.arraycopy(key, offset, this.key, 0, DES_KEY_LEN);
101      }
102    
103      // Class methods.
104      // ------------------------------------------------------------------------
105    
106      /**
107       * Returns whether or not the given key is <i>parity adjusted</i>;
108       * i.e. every byte in the key has an odd number of "1" bits.
109       *
110       * @param key    The key bytes, considered between <code>[offset,
111       *               offset+7]</code>
112       * @param offset The offset into the byte array at which to begin.
113       * @return True if all bytes have an odd number of "1" bits.
114       * @throws java.security.InvalidKeyException If there are not enough
115       *         bytes in the array.
116       */
117      public static boolean isParityAdjusted(byte[] key, int offset)
118        throws InvalidKeyException
119      {
120        if (key.length - offset < DES_KEY_LEN)
121          {
122            throw new InvalidKeyException("DES keys must be 8 bytes long");
123          }
124        boolean parity = false;
125        boolean oddbits = false;
126        for (int i = 0; i < DES_KEY_LEN; i++)
127          {
128            oddbits = false;
129            for (int j = 0; j < 8; j++)
130              {
131                oddbits ^= (key[i+offset] & 1 << j) != 0;
132              }
133            parity &= oddbits;
134          }
135        return parity;
136      }
137    
138      /**
139       * One-half of the weak and semiweak DES keys (the other half are the
140       * complements of these).
141       */
142      private static final byte[][] WEAK_KEYS = new byte[][] {
143        {   0,   0,   0,   0,   0,   0,   0,   0 }, // 0000 0000 0000 0000
144        {  -1,  -1,  -1,  -1,   0,   0,   0,   0 }, // ffff ffff 0000 0000
145        {   1,   1,   1,   1,   1,   1,   1,   1 }, // 0101 0101 0101 0101
146        {  31,  31,  31,  31,  14,  14,  14,  14 }, // 1f1f 1f1f 0e0e 0e0e
147        {   1,  -2,   1,  -2,   1,  -2,   1,  -2 }, // 01fe 01fe 01fe 01fe
148        {  31, -32,  31, -32, -32,  31, -32,  31 }, // 1fe0 1fe0 0e1f 0e1f
149        {   1, -32,   1, -32,   1, -15,   1, -15 }, // 01e0 01e0 01f1 01f1
150        {  31,  -2,  31,  -2,  14,  -2,  14,  -2 }, // 1ffe 1ffe 0efe 0efe
151        {   1,  31,   1,  31,   1,  14,   1,  14 }, // 011f 011f 010e 010e
152        { -32,  -2, -32,  -2, -15,  -2, -15,  -2 }, // e0fe e0fe f1fe f1fe
153      };
154    
155      /**
156       * Tests if the bytes between <code>[offset, offset+7]</code>
157       * constitute a weak or semi-weak DES key.
158       *
159       * @param key    The key bytes to check.
160       * @param offset The offset in the byte array to start.
161       * @return true If the key bytes are a weak key.
162       */
163      public static boolean isWeak(byte[] key, int offset)
164        throws InvalidKeyException
165      {
166        if (key.length - offset < DES_KEY_LEN)
167          {
168            throw new InvalidKeyException("DES keys must be 8 bytes long");
169          }
170        for (int i = 0; i < WEAK_KEYS.length; i++)
171          {
172            if (equalsOrComplementEquals(key, offset, WEAK_KEYS[i]))
173              {
174                return true;
175              }
176          }
177        return false;
178      }
179    
180      /**
181       * This method returns true if the first 8 bytes starting at
182       * <code>off</code> in <code>a</code> equal the first 8 bytes in
183       * <code>b</code>, or equal the <i>complement</i> of the first 8 bytes
184       * in <code>b</code>.
185       *
186       * @param a   The first byte array.
187       * @param off The index into the first byte array.
188       * @param b   The second byte array.
189       * @return <code>a == b || a == ~b</code>
190       */
191      private static boolean equalsOrComplementEquals(byte[] a, int off, byte[] b)
192      {
193        boolean result = true;
194        for (int i = 0; i < DES_KEY_LEN; i++)
195          {
196            result &= a[off+i] == b[i];
197          }
198        if (result) return true;
199        result = true;
200        for (int i = 0; i < DES_KEY_LEN; i++)
201          {
202            result &= a[off+i] == (~b[i]);
203          }
204        return result;
205      }
206    
207      // Instance methods.
208      // ------------------------------------------------------------------------
209    
210      /**
211       * Return the key as a byte array. This method does not copy the byte
212       * array.
213       *
214       * @return The key bytes.
215       */
216      public byte[] getKey()
217      {
218        return key;
219      }
220    }