162 |
162 |
163 // number of bytes buffered internally by the native mechanism and padBuffer |
163 // number of bytes buffered internally by the native mechanism and padBuffer |
164 // if we do the padding |
164 // if we do the padding |
165 private int bytesBuffered; |
165 private int bytesBuffered; |
166 |
166 |
|
167 // length of key size in bytes; currently only used by AES given its oid |
|
168 // specification mandates a fixed size of the key |
|
169 private int fixedKeySize = -1; |
|
170 |
167 P11Cipher(Token token, String algorithm, long mechanism) |
171 P11Cipher(Token token, String algorithm, long mechanism) |
168 throws PKCS11Exception, NoSuchAlgorithmException { |
172 throws PKCS11Exception, NoSuchAlgorithmException { |
169 super(); |
173 super(); |
170 this.token = token; |
174 this.token = token; |
171 this.algorithm = algorithm; |
175 this.algorithm = algorithm; |
172 this.mechanism = mechanism; |
176 this.mechanism = mechanism; |
173 |
177 |
174 String algoParts[] = algorithm.split("/"); |
178 String algoParts[] = algorithm.split("/"); |
175 keyAlgorithm = algoParts[0]; |
179 |
176 |
180 if (algoParts[0].startsWith("AES")) { |
177 if (keyAlgorithm.equals("AES")) { |
|
178 blockSize = 16; |
181 blockSize = 16; |
179 } else if (keyAlgorithm.equals("RC4") || |
182 int index = algoParts[0].indexOf('_'); |
180 keyAlgorithm.equals("ARCFOUR")) { |
183 if (index != -1) { |
181 blockSize = 0; |
184 // should be well-formed since we specify what we support |
182 } else { // DES, DESede, Blowfish |
185 fixedKeySize = Integer.parseInt(algoParts[0].substring(index+1))/8; |
183 blockSize = 8; |
186 } |
184 } |
187 keyAlgorithm = "AES"; |
185 this.blockMode = |
188 } else { |
|
189 keyAlgorithm = algoParts[0]; |
|
190 if (keyAlgorithm.equals("RC4") || |
|
191 keyAlgorithm.equals("ARCFOUR")) { |
|
192 blockSize = 0; |
|
193 } else { // DES, DESede, Blowfish |
|
194 blockSize = 8; |
|
195 } |
|
196 this.blockMode = |
186 (algoParts.length > 1 ? parseMode(algoParts[1]) : MODE_ECB); |
197 (algoParts.length > 1 ? parseMode(algoParts[1]) : MODE_ECB); |
187 |
198 } |
188 String defPadding = (blockSize == 0 ? "NoPadding" : "PKCS5Padding"); |
199 String defPadding = (blockSize == 0 ? "NoPadding" : "PKCS5Padding"); |
189 String paddingStr = |
200 String paddingStr = |
190 (algoParts.length > 2 ? algoParts[2] : defPadding); |
201 (algoParts.length > 2 ? algoParts[2] : defPadding); |
191 try { |
202 try { |
192 engineSetPadding(paddingStr); |
203 engineSetPadding(paddingStr); |
331 // actual init() implementation |
342 // actual init() implementation |
332 private void implInit(int opmode, Key key, byte[] iv, |
343 private void implInit(int opmode, Key key, byte[] iv, |
333 SecureRandom random) |
344 SecureRandom random) |
334 throws InvalidKeyException, InvalidAlgorithmParameterException { |
345 throws InvalidKeyException, InvalidAlgorithmParameterException { |
335 cancelOperation(); |
346 cancelOperation(); |
|
347 if (fixedKeySize != -1 && key.getEncoded().length != fixedKeySize) { |
|
348 throw new InvalidKeyException("Key size is invalid"); |
|
349 } |
336 switch (opmode) { |
350 switch (opmode) { |
337 case Cipher.ENCRYPT_MODE: |
351 case Cipher.ENCRYPT_MODE: |
338 encrypt = true; |
352 encrypt = true; |
339 break; |
353 break; |
340 case Cipher.DECRYPT_MODE: |
354 case Cipher.DECRYPT_MODE: |