| /* GENERATED SOURCE. DO NOT MODIFY. */ |
| package com.android.internal.org.bouncycastle.jcajce.provider.symmetric.util; |
| |
| import java.io.ByteArrayOutputStream; |
| import java.security.AlgorithmParameters; |
| import java.security.InvalidAlgorithmParameterException; |
| import java.security.InvalidKeyException; |
| import java.security.InvalidParameterException; |
| import java.security.Key; |
| import java.security.KeyFactory; |
| import java.security.NoSuchAlgorithmException; |
| import java.security.NoSuchProviderException; |
| import java.security.PrivateKey; |
| import java.security.SecureRandom; |
| import java.security.spec.AlgorithmParameterSpec; |
| import java.security.spec.InvalidKeySpecException; |
| import java.security.spec.PKCS8EncodedKeySpec; |
| import java.security.spec.X509EncodedKeySpec; |
| |
| import javax.crypto.BadPaddingException; |
| import javax.crypto.Cipher; |
| import javax.crypto.CipherSpi; |
| import javax.crypto.IllegalBlockSizeException; |
| import javax.crypto.NoSuchPaddingException; |
| import javax.crypto.ShortBufferException; |
| import javax.crypto.spec.IvParameterSpec; |
| import javax.crypto.spec.PBEParameterSpec; |
| // Android-removed: Unsupported algorithms |
| // import javax.crypto.spec.RC2ParameterSpec; |
| // import javax.crypto.spec.RC5ParameterSpec; |
| import javax.crypto.spec.SecretKeySpec; |
| |
| import com.android.internal.org.bouncycastle.asn1.pkcs.PrivateKeyInfo; |
| import com.android.internal.org.bouncycastle.crypto.CipherParameters; |
| import com.android.internal.org.bouncycastle.crypto.InvalidCipherTextException; |
| import com.android.internal.org.bouncycastle.crypto.Wrapper; |
| import com.android.internal.org.bouncycastle.crypto.params.KeyParameter; |
| import com.android.internal.org.bouncycastle.crypto.params.ParametersWithIV; |
| import com.android.internal.org.bouncycastle.crypto.params.ParametersWithRandom; |
| // Android-removed: Unsupported algorithms |
| // import org.bouncycastle.crypto.params.ParametersWithSBox; |
| // import org.bouncycastle.crypto.params.ParametersWithUKM; |
| // import org.bouncycastle.jcajce.spec.GOST28147WrapParameterSpec; |
| // Android-changed: Use default provider for JCA algorithms instead of BC |
| // Was: import org.bouncycastle.jcajce.util.BCJcaJceHelper; |
| import com.android.internal.org.bouncycastle.jcajce.util.DefaultJcaJceHelper; |
| import com.android.internal.org.bouncycastle.jcajce.util.JcaJceHelper; |
| import com.android.internal.org.bouncycastle.jce.provider.BouncyCastleProvider; |
| import com.android.internal.org.bouncycastle.util.Arrays; |
| |
| /** |
| * @hide This class is not part of the Android public SDK API |
| */ |
| public abstract class BaseWrapCipher |
| extends CipherSpi |
| implements PBE |
| { |
| // |
| // specs we can handle. |
| // |
| private Class[] availableSpecs = |
| { |
| // Android-removed: Unsupported algorithms |
| // GOST28147WrapParameterSpec.class, |
| PBEParameterSpec.class, |
| // Android-removed: Unsupported algorithms |
| // RC2ParameterSpec.class, |
| // RC5ParameterSpec.class |
| IvParameterSpec.class |
| }; |
| |
| protected int pbeType = PKCS12; |
| protected int pbeHash = SHA1; |
| protected int pbeKeySize; |
| protected int pbeIvSize; |
| |
| protected AlgorithmParameters engineParams = null; |
| |
| protected Wrapper wrapEngine = null; |
| |
| private int ivSize; |
| private byte[] iv; |
| |
| private ErasableOutputStream wrapStream = null; |
| private boolean forWrapping; |
| |
| // Android-changed: Use default provider for JCA algorithms instead of BC |
| // Was: private final JcaJceHelper helper = new BCJcaJceHelper(); |
| private final JcaJceHelper helper = new DefaultJcaJceHelper(); |
| |
| protected BaseWrapCipher() |
| { |
| } |
| |
| protected BaseWrapCipher( |
| Wrapper wrapEngine) |
| { |
| this(wrapEngine, 0); |
| } |
| |
| protected BaseWrapCipher( |
| Wrapper wrapEngine, |
| int ivSize) |
| { |
| this.wrapEngine = wrapEngine; |
| this.ivSize = ivSize; |
| } |
| |
| protected int engineGetBlockSize() |
| { |
| return 0; |
| } |
| |
| protected byte[] engineGetIV() |
| { |
| return Arrays.clone(iv); |
| } |
| |
| protected int engineGetKeySize( |
| Key key) |
| { |
| return key.getEncoded().length * 8; |
| } |
| |
| protected int engineGetOutputSize( |
| int inputLen) |
| { |
| return -1; |
| } |
| |
| protected AlgorithmParameters engineGetParameters() |
| { |
| if (engineParams == null) |
| { |
| if (iv != null) |
| { |
| String name = wrapEngine.getAlgorithmName(); |
| |
| if (name.indexOf('/') >= 0) |
| { |
| name = name.substring(0, name.indexOf('/')); |
| } |
| |
| try |
| { |
| engineParams = createParametersInstance(name); |
| engineParams.init(new IvParameterSpec(iv)); |
| } |
| catch (Exception e) |
| { |
| throw new RuntimeException(e.toString()); |
| } |
| } |
| } |
| |
| return engineParams; |
| } |
| |
| protected final AlgorithmParameters createParametersInstance(String algorithm) |
| throws NoSuchAlgorithmException, NoSuchProviderException |
| { |
| return helper.createAlgorithmParameters(algorithm); |
| } |
| |
| protected void engineSetMode( |
| String mode) |
| throws NoSuchAlgorithmException |
| { |
| throw new NoSuchAlgorithmException("can't support mode " + mode); |
| } |
| |
| protected void engineSetPadding( |
| String padding) |
| throws NoSuchPaddingException |
| { |
| throw new NoSuchPaddingException("Padding " + padding + " unknown."); |
| } |
| |
| protected void engineInit( |
| int opmode, |
| Key key, |
| AlgorithmParameterSpec params, |
| SecureRandom random) |
| throws InvalidKeyException, InvalidAlgorithmParameterException |
| { |
| CipherParameters param; |
| |
| if (key instanceof BCPBEKey) |
| { |
| BCPBEKey k = (BCPBEKey)key; |
| |
| if (params instanceof PBEParameterSpec) |
| { |
| param = PBE.Util.makePBEParameters(k, params, wrapEngine.getAlgorithmName()); |
| } |
| else if (k.getParam() != null) |
| { |
| param = k.getParam(); |
| } |
| else |
| { |
| throw new InvalidAlgorithmParameterException("PBE requires PBE parameters to be set."); |
| } |
| } |
| else |
| { |
| param = new KeyParameter(key.getEncoded()); |
| } |
| |
| if (params instanceof IvParameterSpec) |
| { |
| IvParameterSpec ivSpec = (IvParameterSpec)params; |
| this.iv = ivSpec.getIV(); |
| param = new ParametersWithIV(param, iv); |
| } |
| |
| // BEGIN Android-removed: Unsupported algorithms |
| /* |
| if (params instanceof GOST28147WrapParameterSpec) |
| { |
| GOST28147WrapParameterSpec spec = (GOST28147WrapParameterSpec) params; |
| |
| byte[] sBox = spec.getSBox(); |
| if (sBox != null) |
| { |
| param = new ParametersWithSBox(param, sBox); |
| } |
| param = new ParametersWithUKM(param, spec.getUKM()); |
| } |
| */ |
| // END Android-removed: Unsupported algorithms |
| |
| if (param instanceof KeyParameter && ivSize != 0) |
| { |
| if (opmode == Cipher.WRAP_MODE || opmode == Cipher.ENCRYPT_MODE) |
| { |
| iv = new byte[ivSize]; |
| random.nextBytes(iv); |
| param = new ParametersWithIV(param, iv); |
| } |
| } |
| |
| if (random != null) |
| { |
| param = new ParametersWithRandom(param, random); |
| } |
| |
| try |
| { |
| switch (opmode) |
| { |
| case Cipher.WRAP_MODE: |
| wrapEngine.init(true, param); |
| this.wrapStream = null; |
| this.forWrapping = true; |
| break; |
| case Cipher.UNWRAP_MODE: |
| wrapEngine.init(false, param); |
| this.wrapStream = null; |
| this.forWrapping = false; |
| break; |
| case Cipher.ENCRYPT_MODE: |
| wrapEngine.init(true, param); |
| this.wrapStream = new ErasableOutputStream(); |
| this.forWrapping = true; |
| break; |
| case Cipher.DECRYPT_MODE: |
| wrapEngine.init(false, param); |
| this.wrapStream = new ErasableOutputStream(); |
| this.forWrapping = false; |
| break; |
| default: |
| throw new InvalidParameterException("Unknown mode parameter passed to init."); |
| } |
| } |
| catch (Exception e) |
| { |
| throw new InvalidKeyOrParametersException(e.getMessage(), e); |
| } |
| } |
| |
| protected void engineInit( |
| int opmode, |
| Key key, |
| AlgorithmParameters params, |
| SecureRandom random) |
| throws InvalidKeyException, InvalidAlgorithmParameterException |
| { |
| AlgorithmParameterSpec paramSpec = null; |
| |
| if (params != null) |
| { |
| paramSpec = SpecUtil.extractSpec(params, availableSpecs); |
| |
| if (paramSpec == null) |
| { |
| throw new InvalidAlgorithmParameterException("can't handle parameter " + params.toString()); |
| } |
| } |
| |
| engineParams = params; |
| engineInit(opmode, key, paramSpec, random); |
| } |
| |
| protected void engineInit( |
| int opmode, |
| Key key, |
| SecureRandom random) |
| throws InvalidKeyException |
| { |
| try |
| { |
| engineInit(opmode, key, (AlgorithmParameterSpec)null, random); |
| } |
| catch (InvalidAlgorithmParameterException e) |
| { |
| throw new InvalidKeyOrParametersException(e.getMessage(), e); |
| } |
| } |
| |
| protected byte[] engineUpdate( |
| byte[] input, |
| int inputOffset, |
| int inputLen) |
| { |
| if (wrapStream == null) |
| { |
| throw new IllegalStateException("not supported in a wrapping mode"); |
| } |
| |
| wrapStream.write(input, inputOffset, inputLen); |
| |
| return null; |
| } |
| |
| protected int engineUpdate( |
| byte[] input, |
| int inputOffset, |
| int inputLen, |
| byte[] output, |
| int outputOffset) |
| throws ShortBufferException |
| { |
| if (wrapStream == null) |
| { |
| throw new IllegalStateException("not supported in a wrapping mode"); |
| } |
| |
| wrapStream.write(input, inputOffset, inputLen); |
| |
| return 0; |
| } |
| |
| protected byte[] engineDoFinal( |
| byte[] input, |
| int inputOffset, |
| int inputLen) |
| throws IllegalBlockSizeException, BadPaddingException |
| { |
| if (wrapStream == null) |
| { |
| throw new IllegalStateException("not supported in a wrapping mode"); |
| } |
| |
| if (input != null) |
| { |
| wrapStream.write(input, inputOffset, inputLen); |
| } |
| |
| try |
| { |
| if (forWrapping) |
| { |
| try |
| { |
| return wrapEngine.wrap(wrapStream.getBuf(), 0, wrapStream.size()); |
| } |
| catch (Exception e) |
| { |
| throw new IllegalBlockSizeException(e.getMessage()); |
| } |
| } |
| else |
| { |
| try |
| { |
| return wrapEngine.unwrap(wrapStream.getBuf(), 0, wrapStream.size()); |
| } |
| catch (InvalidCipherTextException e) |
| { |
| throw new BadPaddingException(e.getMessage()); |
| } |
| } |
| } |
| finally |
| { |
| wrapStream.erase(); |
| } |
| } |
| |
| protected int engineDoFinal( |
| byte[] input, |
| int inputOffset, |
| int inputLen, |
| byte[] output, |
| int outputOffset) |
| throws IllegalBlockSizeException, BadPaddingException, ShortBufferException |
| { |
| if (wrapStream == null) |
| { |
| throw new IllegalStateException("not supported in a wrapping mode"); |
| } |
| |
| wrapStream.write(input, inputOffset, inputLen); |
| |
| try |
| { |
| byte[] enc; |
| |
| if (forWrapping) |
| { |
| try |
| { |
| enc = wrapEngine.wrap(wrapStream.getBuf(), 0, wrapStream.size()); |
| } |
| catch (Exception e) |
| { |
| throw new IllegalBlockSizeException(e.getMessage()); |
| } |
| } |
| else |
| { |
| try |
| { |
| enc = wrapEngine.unwrap(wrapStream.getBuf(), 0, wrapStream.size()); |
| } |
| catch (InvalidCipherTextException e) |
| { |
| throw new BadPaddingException(e.getMessage()); |
| } |
| } |
| |
| if (outputOffset + enc.length > output.length) |
| { |
| throw new ShortBufferException("output buffer too short for input."); |
| } |
| |
| System.arraycopy(enc, 0, output, outputOffset, enc.length); |
| |
| return enc.length; |
| } |
| finally |
| { |
| wrapStream.erase(); |
| } |
| } |
| |
| protected byte[] engineWrap( |
| Key key) |
| throws IllegalBlockSizeException, InvalidKeyException |
| { |
| byte[] encoded = key.getEncoded(); |
| if (encoded == null) |
| { |
| throw new InvalidKeyException("Cannot wrap key, null encoding."); |
| } |
| |
| try |
| { |
| if (wrapEngine == null) |
| { |
| return engineDoFinal(encoded, 0, encoded.length); |
| } |
| else |
| { |
| return wrapEngine.wrap(encoded, 0, encoded.length); |
| } |
| } |
| catch (BadPaddingException e) |
| { |
| throw new IllegalBlockSizeException(e.getMessage()); |
| } |
| } |
| |
| protected Key engineUnwrap( |
| byte[] wrappedKey, |
| String wrappedKeyAlgorithm, |
| int wrappedKeyType) |
| throws InvalidKeyException, NoSuchAlgorithmException |
| { |
| byte[] encoded; |
| try |
| { |
| if (wrapEngine == null) |
| { |
| encoded = engineDoFinal(wrappedKey, 0, wrappedKey.length); |
| } |
| else |
| { |
| encoded = wrapEngine.unwrap(wrappedKey, 0, wrappedKey.length); |
| } |
| } |
| catch (InvalidCipherTextException e) |
| { |
| throw new InvalidKeyException(e.getMessage()); |
| } |
| catch (BadPaddingException e) |
| { |
| throw new InvalidKeyException(e.getMessage()); |
| } |
| catch (IllegalBlockSizeException e2) |
| { |
| throw new InvalidKeyException(e2.getMessage()); |
| } |
| |
| if (wrappedKeyType == Cipher.SECRET_KEY) |
| { |
| return new SecretKeySpec(encoded, wrappedKeyAlgorithm); |
| } |
| else if (wrappedKeyAlgorithm.equals("") && wrappedKeyType == Cipher.PRIVATE_KEY) |
| { |
| /* |
| * The caller doesn't know the algorithm as it is part of |
| * the encrypted data. |
| */ |
| try |
| { |
| PrivateKeyInfo in = PrivateKeyInfo.getInstance(encoded); |
| |
| PrivateKey privKey = BouncyCastleProvider.getPrivateKey(in); |
| |
| if (privKey != null) |
| { |
| return privKey; |
| } |
| else |
| { |
| throw new InvalidKeyException("algorithm " + in.getPrivateKeyAlgorithm().getAlgorithm() + " not supported"); |
| } |
| } |
| catch (Exception e) |
| { |
| throw new InvalidKeyException("Invalid key encoding."); |
| } |
| } |
| else |
| { |
| try |
| { |
| KeyFactory kf = helper.createKeyFactory(wrappedKeyAlgorithm); |
| |
| if (wrappedKeyType == Cipher.PUBLIC_KEY) |
| { |
| return kf.generatePublic(new X509EncodedKeySpec(encoded)); |
| } |
| else if (wrappedKeyType == Cipher.PRIVATE_KEY) |
| { |
| return kf.generatePrivate(new PKCS8EncodedKeySpec(encoded)); |
| } |
| } |
| catch (NoSuchProviderException e) |
| { |
| throw new InvalidKeyException("Unknown key type " + e.getMessage()); |
| } |
| catch (InvalidKeySpecException e2) |
| { |
| throw new InvalidKeyException("Unknown key type " + e2.getMessage()); |
| } |
| |
| throw new InvalidKeyException("Unknown key type " + wrappedKeyType); |
| } |
| } |
| |
| protected static final class ErasableOutputStream |
| extends ByteArrayOutputStream |
| { |
| public ErasableOutputStream() |
| { |
| } |
| |
| public byte[] getBuf() |
| { |
| return buf; |
| } |
| |
| public void erase() |
| { |
| Arrays.fill(this.buf, (byte)0); |
| reset(); |
| } |
| } |
| |
| protected static class InvalidKeyOrParametersException |
| extends InvalidKeyException |
| { |
| private final Throwable cause; |
| |
| InvalidKeyOrParametersException(String msg, Throwable cause) |
| { |
| super(msg); |
| this.cause = cause; |
| } |
| |
| public Throwable getCause() |
| { |
| return cause; |
| } |
| } |
| } |