--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/com/sun/crypto/provider/DESKeyGenerator.java Sat Dec 01 00:00:00 2007 +0000
@@ -0,0 +1,154 @@
+/*
+ * Copyright 1997-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Sun designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Sun in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+package com.sun.crypto.provider;
+
+import java.security.SecureRandom;
+import java.security.InvalidParameterException;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.spec.AlgorithmParameterSpec;
+import javax.crypto.KeyGeneratorSpi;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.DESKeySpec;
+
+/**
+ * This class generates a DES key.
+ *
+ * @author Jan Luehe
+ *
+ */
+
+public final class DESKeyGenerator extends KeyGeneratorSpi {
+
+ private SecureRandom random = null;
+
+ /**
+ * Verify the SunJCE provider in the constructor.
+ *
+ * @exception SecurityException if fails to verify
+ * its own integrity
+ */
+ public DESKeyGenerator() {
+ if (!SunJCE.verifySelfIntegrity(this.getClass())) {
+ throw new SecurityException("The SunJCE provider may have " +
+ "been tampered.");
+ }
+ }
+
+ /**
+ * Initializes this key generator.
+ *
+ * @param random the source of randomness for this generator
+ */
+ protected void engineInit(SecureRandom random) {
+ this.random = random;
+ }
+
+ /**
+ * Initializes this key generator with the specified parameter
+ * set and a user-provided source of randomness.
+ *
+ * @param params the key generation parameters
+ * @param random the source of randomness for this key generator
+ *
+ * @exception InvalidAlgorithmParameterException if <code>params</code> is
+ * inappropriate for this key generator
+ */
+ protected void engineInit(AlgorithmParameterSpec params,
+ SecureRandom random)
+ throws InvalidAlgorithmParameterException {
+ throw new InvalidAlgorithmParameterException
+ ("DES key generation does not take any parameters");
+ }
+
+ /**
+ * Initializes this key generator for a certain keysize, using the given
+ * source of randomness.
+ *
+ * @param keysize the keysize. This is an algorithm-specific
+ * metric specified in number of bits.
+ * @param random the source of randomness for this key generator
+ */
+ protected void engineInit(int keysize, SecureRandom random) {
+ if (keysize != 56) {
+ throw new InvalidParameterException("Wrong keysize: must "
+ + "be equal to 56");
+ }
+ this.engineInit(random);
+ }
+
+ /**
+ * Generates the DES key.
+ *
+ * @return the new DES key
+ */
+ protected SecretKey engineGenerateKey() {
+ DESKey desKey = null;
+
+ if (this.random == null) {
+ this.random = SunJCE.RANDOM;
+ }
+
+ try {
+ byte[] key = new byte[DESKeySpec.DES_KEY_LEN];
+ do {
+ this.random.nextBytes(key);
+ setParityBit(key, 0);
+ } while (DESKeySpec.isWeak(key, 0));
+ desKey = new DESKey(key);
+ } catch (InvalidKeyException e) {
+ // this is never thrown
+ }
+
+ return desKey;
+ }
+
+ /*
+ * Does parity adjustment, using bit in position 8 as the parity bit,
+ * for 8 key bytes, starting at <code>offset</code>.
+ *
+ * The 8 parity bits of a DES key are only used for sanity-checking
+ * of the key, to see if the key could actually be a key. If you check
+ * the parity of the quantity, and it winds up not having the correct
+ * parity, then you'll know something went wrong.
+ *
+ * A key that is not parity adjusted (e.g. e4e4e4e4e4e4e4e4) produces the
+ * same output as a key that is parity adjusted (e.g. e5e5e5e5e5e5e5e5),
+ * because it is the 56 bits of the DES key that are cryptographically
+ * significant/"effective" -- the other 8 bits are just used for parity
+ * checking.
+ */
+ static void setParityBit(byte[] key, int offset) {
+ if (key == null)
+ return;
+
+ for (int i = 0; i < DESKeySpec.DES_KEY_LEN; i++) {
+ int b = key[offset] & 0xfe;
+ b |= (Integer.bitCount(b) & 1) ^ 1;
+ key[offset++] = (byte)b;
+ }
+ }
+}