src/java.security.jgss/share/classes/sun/security/krb5/internal/crypto/HmacSha2Aes128CksumType.java
8014628: Support AES Encryption with HMAC-SHA2 for Kerberos 5
Reviewed-by: mullan
/*
* Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package sun.security.krb5.internal.crypto;
import sun.security.krb5.Checksum;
import sun.security.krb5.KrbCryptoException;
import sun.security.krb5.internal.*;
import java.security.GeneralSecurityException;
/*
* This class encapsulates the checksum type for aes128-cts-sha256
*/
public class HmacSha2Aes128CksumType extends CksumType {
public HmacSha2Aes128CksumType() {
}
public int confounderSize() {
return 16;
}
public int cksumType() {
return Checksum.CKSUMTYPE_HMAC_SHA256_128_AES128;
}
public boolean isSafe() {
return true;
}
public int cksumSize() {
return 16; // bytes
}
public int keyType() {
return Krb5.KEYTYPE_AES;
}
public int keySize() {
return 16; // bytes
}
public byte[] calculateChecksum(byte[] data, int size) {
return null;
}
/**
* Calculates keyed checksum.
* @param data the data used to generate the checksum.
* @param size length of the data.
* @param key the key used to encrypt the checksum.
* @return keyed checksum.
*/
public byte[] calculateKeyedChecksum(byte[] data, int size, byte[] key,
int usage) throws KrbCryptoException {
try {
return Aes128Sha2.calculateChecksum(key, usage, data, 0, size);
} catch (GeneralSecurityException e) {
KrbCryptoException ke = new KrbCryptoException(e.getMessage());
ke.initCause(e);
throw ke;
}
}
/**
* Verifies keyed checksum.
* @param data the data.
* @param size the length of data.
* @param key the key used to encrypt the checksum.
* @param checksum the checksum.
* @return true if verification is successful.
*/
public boolean verifyKeyedChecksum(byte[] data, int size,
byte[] key, byte[] checksum, int usage) throws KrbCryptoException {
try {
byte[] newCksum = Aes128Sha2.calculateChecksum(key, usage,
data, 0, size);
return isChecksumEqual(checksum, newCksum);
} catch (GeneralSecurityException e) {
KrbCryptoException ke = new KrbCryptoException(e.getMessage());
ke.initCause(e);
throw ke;
}
}
}