/*
 * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

package com.sun.crypto.provider;

import java.util.Arrays;
import java.nio.ByteBuffer;

import javax.crypto.MacSpi;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import java.security.*;
import java.security.spec.*;

This is an implementation of the PBMAC1 algorithms as defined in PKCS#5 v2.1 standard.
/** * This is an implementation of the PBMAC1 algorithms as defined * in PKCS#5 v2.1 standard. */
abstract class PBMAC1Core extends HmacCore { // NOTE: this class inherits the Cloneable interface from HmacCore // Need to override clone() if mutable fields are added. private final String kdfAlgo; private final String hashAlgo; private final int blockLength; // in octets
Creates an instance of PBMAC1 according to the selected password-based key derivation function.
/** * Creates an instance of PBMAC1 according to the selected * password-based key derivation function. */
PBMAC1Core(String kdfAlgo, String hashAlgo, int blockLength) throws NoSuchAlgorithmException { super(hashAlgo, blockLength); this.kdfAlgo = kdfAlgo; this.hashAlgo = hashAlgo; this.blockLength = blockLength; } private static PBKDF2Core getKDFImpl(String algo) { PBKDF2Core kdf = null; switch(algo) { case "HmacSHA1": kdf = new PBKDF2Core.HmacSHA1(); break; case "HmacSHA224": kdf = new PBKDF2Core.HmacSHA224(); break; case "HmacSHA256": kdf = new PBKDF2Core.HmacSHA256(); break; case "HmacSHA384": kdf = new PBKDF2Core.HmacSHA384(); break; case "HmacSHA512": kdf = new PBKDF2Core.HmacSHA512(); break; default: throw new ProviderException( "No MAC implementation for " + algo); } return kdf; }
Initializes the HMAC with the given secret key and algorithm parameters.
Params:
  • key – the secret key.
  • params – the algorithm parameters.
Throws:
/** * Initializes the HMAC with the given secret key and algorithm parameters. * * @param key the secret key. * @param params the algorithm parameters. * * @exception InvalidKeyException if the given key is inappropriate for * initializing this MAC. * @exception InvalidAlgorithmParameterException if the given algorithm * parameters are inappropriate for this MAC. */
protected void engineInit(Key key, AlgorithmParameterSpec params) throws InvalidKeyException, InvalidAlgorithmParameterException { char[] passwdChars; byte[] salt = null; int iCount = 0; if (key instanceof javax.crypto.interfaces.PBEKey) { javax.crypto.interfaces.PBEKey pbeKey = (javax.crypto.interfaces.PBEKey) key; passwdChars = pbeKey.getPassword(); salt = pbeKey.getSalt(); // maybe null if unspecified iCount = pbeKey.getIterationCount(); // maybe 0 if unspecified } else if (key instanceof SecretKey) { byte[] passwdBytes; if (!(key.getAlgorithm().regionMatches(true, 0, "PBE", 0, 3)) || (passwdBytes = key.getEncoded()) == null) { throw new InvalidKeyException("Missing password"); } passwdChars = new char[passwdBytes.length]; for (int i=0; i<passwdChars.length; i++) { passwdChars[i] = (char) (passwdBytes[i] & 0x7f); } Arrays.fill(passwdBytes, (byte)0x00); } else { throw new InvalidKeyException("SecretKey of PBE type required"); } PBEKeySpec pbeSpec; try { if (params == null) { // should not auto-generate default values since current // javax.crypto.Mac api does not have any method for caller to // retrieve the generated defaults. if ((salt == null) || (iCount == 0)) { throw new InvalidAlgorithmParameterException ("PBEParameterSpec required for salt and iteration count"); } } else if (!(params instanceof PBEParameterSpec)) { throw new InvalidAlgorithmParameterException ("PBEParameterSpec type required"); } else { PBEParameterSpec pbeParams = (PBEParameterSpec) params; // make sure the parameter values are consistent if (salt != null) { if (!Arrays.equals(salt, pbeParams.getSalt())) { throw new InvalidAlgorithmParameterException ("Inconsistent value of salt between key and params"); } } else { salt = pbeParams.getSalt(); } if (iCount != 0) { if (iCount != pbeParams.getIterationCount()) { throw new InvalidAlgorithmParameterException ("Different iteration count between key and params"); } } else { iCount = pbeParams.getIterationCount(); } } // For security purpose, we need to enforce a minimum length // for salt; just require the minimum salt length to be 8-byte // which is what PKCS#5 recommends and openssl does. if (salt.length < 8) { throw new InvalidAlgorithmParameterException ("Salt must be at least 8 bytes long"); } if (iCount <= 0) { throw new InvalidAlgorithmParameterException ("IterationCount must be a positive number"); } pbeSpec = new PBEKeySpec(passwdChars, salt, iCount, blockLength); // password char[] was cloned in PBEKeySpec constructor, // so we can zero it out here } finally { Arrays.fill(passwdChars, '\0'); } SecretKey s; PBKDF2Core kdf = getKDFImpl(kdfAlgo); try { s = kdf.engineGenerateSecret(pbeSpec); } catch (InvalidKeySpecException ikse) { InvalidKeyException ike = new InvalidKeyException("Cannot construct PBE key"); ike.initCause(ikse); throw ike; } byte[] derivedKey = s.getEncoded(); SecretKey cipherKey = new SecretKeySpec(derivedKey, kdfAlgo); super.engineInit(cipherKey, null); } public static final class HmacSHA1 extends PBMAC1Core { public HmacSHA1() throws NoSuchAlgorithmException { super("HmacSHA1", "SHA1", 64); } } public static final class HmacSHA224 extends PBMAC1Core { public HmacSHA224() throws NoSuchAlgorithmException { super("HmacSHA224", "SHA-224", 64); } } public static final class HmacSHA256 extends PBMAC1Core { public HmacSHA256() throws NoSuchAlgorithmException { super("HmacSHA256", "SHA-256", 64); } } public static final class HmacSHA384 extends PBMAC1Core { public HmacSHA384() throws NoSuchAlgorithmException { super("HmacSHA384", "SHA-384", 128); } } public static final class HmacSHA512 extends PBMAC1Core { public HmacSHA512() throws NoSuchAlgorithmException { super("HmacSHA512", "SHA-512", 128); } } }