mirror of
https://code.briarproject.org/briar/briar.git
synced 2026-02-17 21:29:54 +01:00
Whitespace-only code formatting changes.
This commit is contained in:
akwizgran
@@ -26,15 +26,15 @@ class AuthenticatedCipherImpl implements AuthenticatedCipher {
|
||||
public int process(byte[] input, int inputOff, int len, byte[] output,
|
||||
int outputOff) throws GeneralSecurityException {
|
||||
int processed = 0;
|
||||
if(len != 0) {
|
||||
if (len != 0) {
|
||||
processed = cipher.processBytes(input, inputOff, len, output,
|
||||
outputOff);
|
||||
}
|
||||
try {
|
||||
return processed + cipher.doFinal(output, outputOff + processed);
|
||||
} catch(DataLengthException e) {
|
||||
} catch (DataLengthException e) {
|
||||
throw new GeneralSecurityException(e.getMessage());
|
||||
} catch(InvalidCipherTextException e) {
|
||||
} catch (InvalidCipherTextException e) {
|
||||
throw new GeneralSecurityException(e.getMessage());
|
||||
}
|
||||
}
|
||||
@@ -46,7 +46,7 @@ class AuthenticatedCipherImpl implements AuthenticatedCipher {
|
||||
AEADParameters params = new AEADParameters(k, MAC_LENGTH * 8, iv, iv);
|
||||
try {
|
||||
cipher.init(encrypt, params);
|
||||
} catch(IllegalArgumentException e) {
|
||||
} catch (IllegalArgumentException e) {
|
||||
throw new GeneralSecurityException(e.getMessage());
|
||||
}
|
||||
}
|
||||
|
||||
@@ -24,17 +24,17 @@ class CombinedSecureRandom extends SecureRandom {
|
||||
private final SecureRandom[] randoms;
|
||||
|
||||
private CombinedSecureRandomSpi(SecureRandom... randoms) {
|
||||
if(randoms.length < 2) throw new IllegalArgumentException();
|
||||
if (randoms.length < 2) throw new IllegalArgumentException();
|
||||
this.randoms = randoms;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected byte[] engineGenerateSeed(int numBytes) {
|
||||
byte[] combined = new byte[numBytes];
|
||||
for(SecureRandom random : randoms) {
|
||||
for (SecureRandom random : randoms) {
|
||||
byte[] b = random.generateSeed(numBytes);
|
||||
int length = Math.min(numBytes, b.length);
|
||||
for(int i = 0; i < length; i++)
|
||||
for (int i = 0; i < length; i++)
|
||||
combined[i] = (byte) (combined[i] ^ b[i]);
|
||||
}
|
||||
return combined;
|
||||
@@ -43,16 +43,16 @@ class CombinedSecureRandom extends SecureRandom {
|
||||
@Override
|
||||
protected void engineNextBytes(byte[] b) {
|
||||
byte[] temp = new byte[b.length];
|
||||
for(SecureRandom random : randoms) {
|
||||
for (SecureRandom random : randoms) {
|
||||
random.nextBytes(temp);
|
||||
for(int i = 0; i < b.length; i++)
|
||||
for (int i = 0; i < b.length; i++)
|
||||
b[i] = (byte) (b[i] ^ temp[i]);
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void engineSetSeed(byte[] seed) {
|
||||
for(SecureRandom random : randoms) random.setSeed(seed);
|
||||
for (SecureRandom random : randoms) random.setSeed(seed);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -79,9 +79,9 @@ class CryptoComponentImpl implements CryptoComponent {
|
||||
|
||||
@Inject
|
||||
CryptoComponentImpl(SeedProvider r) {
|
||||
if(!FortunaSecureRandom.selfTest()) throw new RuntimeException();
|
||||
if (!FortunaSecureRandom.selfTest()) throw new RuntimeException();
|
||||
SecureRandom secureRandom1 = new SecureRandom();
|
||||
if(LOG.isLoggable(INFO)) {
|
||||
if (LOG.isLoggable(INFO)) {
|
||||
String provider = secureRandom1.getProvider().getName();
|
||||
String algorithm = secureRandom1.getAlgorithm();
|
||||
LOG.info("Default SecureRandom: " + provider + " " + algorithm);
|
||||
@@ -168,7 +168,7 @@ class CryptoComponentImpl implements CryptoComponent {
|
||||
}
|
||||
|
||||
public int[] deriveConfirmationCodes(byte[] secret) {
|
||||
if(secret.length != SecretKey.LENGTH)
|
||||
if (secret.length != SecretKey.LENGTH)
|
||||
throw new IllegalArgumentException();
|
||||
byte[] alice = counterModeKdf(secret, CODE, 0);
|
||||
byte[] bob = counterModeKdf(secret, CODE, 1);
|
||||
@@ -179,7 +179,7 @@ class CryptoComponentImpl implements CryptoComponent {
|
||||
}
|
||||
|
||||
public byte[][] deriveInvitationNonces(byte[] secret) {
|
||||
if(secret.length != SecretKey.LENGTH)
|
||||
if (secret.length != SecretKey.LENGTH)
|
||||
throw new IllegalArgumentException();
|
||||
byte[] alice = counterModeKdf(secret, NONCE, 0);
|
||||
byte[] bob = counterModeKdf(secret, NONCE, 1);
|
||||
@@ -193,7 +193,7 @@ class CryptoComponentImpl implements CryptoComponent {
|
||||
byte[] ourHash = messageDigest.digest(ourPublicKey);
|
||||
byte[] theirHash = messageDigest.digest(theirPublicKey);
|
||||
byte[] aliceInfo, bobInfo;
|
||||
if(alice) {
|
||||
if (alice) {
|
||||
aliceInfo = ourHash;
|
||||
bobInfo = theirHash;
|
||||
} else {
|
||||
@@ -212,9 +212,9 @@ class CryptoComponentImpl implements CryptoComponent {
|
||||
// Package access for testing
|
||||
byte[] deriveSharedSecret(PrivateKey priv, PublicKey pub)
|
||||
throws GeneralSecurityException {
|
||||
if(!(priv instanceof Sec1PrivateKey))
|
||||
if (!(priv instanceof Sec1PrivateKey))
|
||||
throw new IllegalArgumentException();
|
||||
if(!(pub instanceof Sec1PublicKey))
|
||||
if (!(pub instanceof Sec1PublicKey))
|
||||
throw new IllegalArgumentException();
|
||||
ECPrivateKeyParameters ecPriv = ((Sec1PrivateKey) priv).getKey();
|
||||
ECPublicKeyParameters ecPub = ((Sec1PublicKey) pub).getKey();
|
||||
@@ -223,46 +223,46 @@ class CryptoComponentImpl implements CryptoComponent {
|
||||
agreement.init(ecPriv);
|
||||
byte[] secret = agreement.calculateAgreement(ecPub).toByteArray();
|
||||
long duration = System.currentTimeMillis() - now;
|
||||
if(LOG.isLoggable(INFO))
|
||||
if (LOG.isLoggable(INFO))
|
||||
LOG.info("Deriving shared secret took " + duration + " ms");
|
||||
return secret;
|
||||
}
|
||||
|
||||
public byte[] deriveGroupSalt(byte[] secret) {
|
||||
if(secret.length != SecretKey.LENGTH)
|
||||
if (secret.length != SecretKey.LENGTH)
|
||||
throw new IllegalArgumentException();
|
||||
return counterModeKdf(secret, SALT, 0);
|
||||
}
|
||||
|
||||
public byte[] deriveInitialSecret(byte[] secret, int transportIndex) {
|
||||
if(secret.length != SecretKey.LENGTH)
|
||||
if (secret.length != SecretKey.LENGTH)
|
||||
throw new IllegalArgumentException();
|
||||
if(transportIndex < 0) throw new IllegalArgumentException();
|
||||
if (transportIndex < 0) throw new IllegalArgumentException();
|
||||
return counterModeKdf(secret, FIRST, transportIndex);
|
||||
}
|
||||
|
||||
public byte[] deriveNextSecret(byte[] secret, long period) {
|
||||
if(secret.length != SecretKey.LENGTH)
|
||||
if (secret.length != SecretKey.LENGTH)
|
||||
throw new IllegalArgumentException();
|
||||
if(period < 0 || period > MAX_32_BIT_UNSIGNED)
|
||||
if (period < 0 || period > MAX_32_BIT_UNSIGNED)
|
||||
throw new IllegalArgumentException();
|
||||
return counterModeKdf(secret, ROTATE, period);
|
||||
}
|
||||
|
||||
public SecretKey deriveTagKey(byte[] secret, boolean alice) {
|
||||
if(secret.length != SecretKey.LENGTH)
|
||||
if (secret.length != SecretKey.LENGTH)
|
||||
throw new IllegalArgumentException();
|
||||
if(alice) return deriveKey(secret, A_TAG, 0);
|
||||
if (alice) return deriveKey(secret, A_TAG, 0);
|
||||
else return deriveKey(secret, B_TAG, 0);
|
||||
}
|
||||
|
||||
public SecretKey deriveFrameKey(byte[] secret, long streamNumber,
|
||||
boolean alice) {
|
||||
if(secret.length != SecretKey.LENGTH)
|
||||
if (secret.length != SecretKey.LENGTH)
|
||||
throw new IllegalArgumentException();
|
||||
if(streamNumber < 0 || streamNumber > MAX_32_BIT_UNSIGNED)
|
||||
if (streamNumber < 0 || streamNumber > MAX_32_BIT_UNSIGNED)
|
||||
throw new IllegalArgumentException();
|
||||
if(alice) return deriveKey(secret, A_FRAME, streamNumber);
|
||||
if (alice) return deriveKey(secret, A_FRAME, streamNumber);
|
||||
else return deriveKey(secret, B_FRAME, streamNumber);
|
||||
}
|
||||
|
||||
@@ -271,10 +271,10 @@ class CryptoComponentImpl implements CryptoComponent {
|
||||
}
|
||||
|
||||
public void encodeTag(byte[] tag, SecretKey tagKey, long streamNumber) {
|
||||
if(tag.length < TAG_LENGTH) throw new IllegalArgumentException();
|
||||
if(streamNumber < 0 || streamNumber > MAX_32_BIT_UNSIGNED)
|
||||
if (tag.length < TAG_LENGTH) throw new IllegalArgumentException();
|
||||
if (streamNumber < 0 || streamNumber > MAX_32_BIT_UNSIGNED)
|
||||
throw new IllegalArgumentException();
|
||||
for(int i = 0; i < TAG_LENGTH; i++) tag[i] = 0;
|
||||
for (int i = 0; i < TAG_LENGTH; i++) tag[i] = 0;
|
||||
ByteUtils.writeUint32(streamNumber, tag, 0);
|
||||
BlockCipher cipher = new AESLightEngine();
|
||||
assert cipher.getBlockSize() == TAG_LENGTH;
|
||||
@@ -308,7 +308,7 @@ class CryptoComponentImpl implements CryptoComponent {
|
||||
int outputOff = salt.length + 4 + iv.length;
|
||||
cipher.process(input, 0, input.length, output, outputOff);
|
||||
return output;
|
||||
} catch(GeneralSecurityException e) {
|
||||
} catch (GeneralSecurityException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
}
|
||||
@@ -317,12 +317,12 @@ class CryptoComponentImpl implements CryptoComponent {
|
||||
AuthenticatedCipher cipher = new AuthenticatedCipherImpl();
|
||||
int macBytes = cipher.getMacBytes();
|
||||
// The input contains the salt, iterations, IV, ciphertext and MAC
|
||||
if(input.length < PBKDF_SALT_BYTES + 4 + STORAGE_IV_BYTES + macBytes)
|
||||
if (input.length < PBKDF_SALT_BYTES + 4 + STORAGE_IV_BYTES + macBytes)
|
||||
return null; // Invalid input
|
||||
byte[] salt = new byte[PBKDF_SALT_BYTES];
|
||||
System.arraycopy(input, 0, salt, 0, salt.length);
|
||||
long iterations = ByteUtils.readUint32(input, salt.length);
|
||||
if(iterations < 0 || iterations > Integer.MAX_VALUE)
|
||||
if (iterations < 0 || iterations > Integer.MAX_VALUE)
|
||||
return null; // Invalid iteration count
|
||||
byte[] iv = new byte[STORAGE_IV_BYTES];
|
||||
System.arraycopy(input, salt.length + 4, iv, 0, iv.length);
|
||||
@@ -331,7 +331,7 @@ class CryptoComponentImpl implements CryptoComponent {
|
||||
// Initialise the cipher
|
||||
try {
|
||||
cipher.init(false, key, iv);
|
||||
} catch(GeneralSecurityException e) {
|
||||
} catch (GeneralSecurityException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
// Try to decrypt the ciphertext (may be invalid)
|
||||
@@ -341,7 +341,7 @@ class CryptoComponentImpl implements CryptoComponent {
|
||||
byte[] output = new byte[inputLen - macBytes];
|
||||
cipher.process(input, inputOff, inputLen, output, 0);
|
||||
return output;
|
||||
} catch(GeneralSecurityException e) {
|
||||
} catch (GeneralSecurityException e) {
|
||||
return null; // Invalid ciphertext
|
||||
}
|
||||
}
|
||||
@@ -351,18 +351,18 @@ class CryptoComponentImpl implements CryptoComponent {
|
||||
private byte[] concatenationKdf(byte[]... inputs) {
|
||||
// The output of the hash function must be long enough to use as a key
|
||||
MessageDigest messageDigest = getMessageDigest();
|
||||
if(messageDigest.getDigestLength() < SecretKey.LENGTH)
|
||||
if (messageDigest.getDigestLength() < SecretKey.LENGTH)
|
||||
throw new RuntimeException();
|
||||
// Each input is length-prefixed - the length must fit in an
|
||||
// unsigned 8-bit integer
|
||||
for(byte[] input : inputs) {
|
||||
if(input.length > 255) throw new IllegalArgumentException();
|
||||
for (byte[] input : inputs) {
|
||||
if (input.length > 255) throw new IllegalArgumentException();
|
||||
messageDigest.update((byte) input.length);
|
||||
messageDigest.update(input);
|
||||
}
|
||||
byte[] hash = messageDigest.digest();
|
||||
// The output is the first SecretKey.LENGTH bytes of the hash
|
||||
if(hash.length == SecretKey.LENGTH) return hash;
|
||||
if (hash.length == SecretKey.LENGTH) return hash;
|
||||
byte[] truncated = new byte[SecretKey.LENGTH];
|
||||
System.arraycopy(hash, 0, truncated, 0, truncated.length);
|
||||
return truncated;
|
||||
@@ -371,10 +371,10 @@ class CryptoComponentImpl implements CryptoComponent {
|
||||
// Key derivation function based on a PRF in counter mode - see
|
||||
// NIST SP 800-108, section 5.1
|
||||
private byte[] counterModeKdf(byte[] secret, byte[] label, long context) {
|
||||
if(secret.length != SecretKey.LENGTH)
|
||||
if (secret.length != SecretKey.LENGTH)
|
||||
throw new IllegalArgumentException();
|
||||
// The label must be null-terminated
|
||||
if(label[label.length - 1] != '\0')
|
||||
if (label[label.length - 1] != '\0')
|
||||
throw new IllegalArgumentException();
|
||||
// Initialise the PRF
|
||||
Mac prf = new HMac(new SHA256Digest());
|
||||
@@ -382,7 +382,7 @@ class CryptoComponentImpl implements CryptoComponent {
|
||||
prf.init(k);
|
||||
int macLength = prf.getMacSize();
|
||||
// The output of the PRF must be long enough to use as a key
|
||||
if(macLength < SecretKey.LENGTH) throw new RuntimeException();
|
||||
if (macLength < SecretKey.LENGTH) throw new RuntimeException();
|
||||
byte[] mac = new byte[macLength];
|
||||
prf.update((byte) 0); // Counter
|
||||
prf.update(label, 0, label.length); // Null-terminated
|
||||
@@ -392,7 +392,7 @@ class CryptoComponentImpl implements CryptoComponent {
|
||||
prf.update((byte) SecretKey.LENGTH); // Output length
|
||||
prf.doFinal(mac, 0);
|
||||
// The output is the first SecretKey.LENGTH bytes of the MAC
|
||||
if(mac.length == SecretKey.LENGTH) return mac;
|
||||
if (mac.length == SecretKey.LENGTH) return mac;
|
||||
byte[] truncated = new byte[SecretKey.LENGTH];
|
||||
System.arraycopy(mac, 0, truncated, 0, truncated.length);
|
||||
return truncated;
|
||||
@@ -414,9 +414,9 @@ class CryptoComponentImpl implements CryptoComponent {
|
||||
List<Long> quickSamples = new ArrayList<Long>(PBKDF_SAMPLES);
|
||||
List<Long> slowSamples = new ArrayList<Long>(PBKDF_SAMPLES);
|
||||
long iterationNanos = 0, initNanos = 0;
|
||||
while(iterationNanos <= 0 || initNanos <= 0) {
|
||||
while (iterationNanos <= 0 || initNanos <= 0) {
|
||||
// Sample the running time with one iteration and two iterations
|
||||
for(int i = 0; i < PBKDF_SAMPLES; i++) {
|
||||
for (int i = 0; i < PBKDF_SAMPLES; i++) {
|
||||
quickSamples.add(sampleRunningTime(1));
|
||||
slowSamples.add(sampleRunningTime(2));
|
||||
}
|
||||
@@ -425,16 +425,16 @@ class CryptoComponentImpl implements CryptoComponent {
|
||||
long slowMedian = median(slowSamples);
|
||||
iterationNanos = slowMedian - quickMedian;
|
||||
initNanos = quickMedian - iterationNanos;
|
||||
if(LOG.isLoggable(INFO)) {
|
||||
if (LOG.isLoggable(INFO)) {
|
||||
LOG.info("Init: " + initNanos + ", iteration: "
|
||||
+ iterationNanos);
|
||||
}
|
||||
}
|
||||
long targetNanos = targetMillis * 1000L * 1000L;
|
||||
long iterations = (targetNanos - initNanos) / iterationNanos;
|
||||
if(LOG.isLoggable(INFO)) LOG.info("Target iterations: " + iterations);
|
||||
if(iterations < 1) return 1;
|
||||
if(iterations > Integer.MAX_VALUE) return Integer.MAX_VALUE;
|
||||
if (LOG.isLoggable(INFO)) LOG.info("Target iterations: " + iterations);
|
||||
if (iterations < 1) return 1;
|
||||
if (iterations > Integer.MAX_VALUE) return Integer.MAX_VALUE;
|
||||
return (int) iterations;
|
||||
}
|
||||
|
||||
@@ -452,9 +452,9 @@ class CryptoComponentImpl implements CryptoComponent {
|
||||
|
||||
private long median(List<Long> list) {
|
||||
int size = list.size();
|
||||
if(size == 0) throw new IllegalArgumentException();
|
||||
if (size == 0) throw new IllegalArgumentException();
|
||||
Collections.sort(list);
|
||||
if(size % 2 == 1) return list.get(size / 2);
|
||||
if (size % 2 == 1) return list.get(size / 2);
|
||||
return list.get(size / 2 - 1) + list.get(size / 2) / 2;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -51,8 +51,8 @@ class FortunaGenerator {
|
||||
synchLock.lock();
|
||||
try {
|
||||
counter[0]++;
|
||||
for(int i = 0; counter[i] == 0; i++) {
|
||||
if(i + 1 == BLOCK_BYTES)
|
||||
for (int i = 0; counter[i] == 0; i++) {
|
||||
if (i + 1 == BLOCK_BYTES)
|
||||
throw new RuntimeException("Counter exhausted");
|
||||
counter[i + 1]++;
|
||||
}
|
||||
@@ -76,31 +76,31 @@ class FortunaGenerator {
|
||||
synchLock.lock();
|
||||
try {
|
||||
// Don't write more than the maximum number of bytes in one request
|
||||
if(len > MAX_BYTES_PER_REQUEST) len = MAX_BYTES_PER_REQUEST;
|
||||
if (len > MAX_BYTES_PER_REQUEST) len = MAX_BYTES_PER_REQUEST;
|
||||
cipher.init(true, new KeyParameter(key));
|
||||
// Generate full blocks directly into the output buffer
|
||||
int fullBlocks = len / BLOCK_BYTES;
|
||||
for(int i = 0; i < fullBlocks; i++) {
|
||||
for (int i = 0; i < fullBlocks; i++) {
|
||||
cipher.processBlock(counter, 0, dest, off + i * BLOCK_BYTES);
|
||||
incrementCounter();
|
||||
}
|
||||
// Generate a partial block if needed
|
||||
int done = fullBlocks * BLOCK_BYTES, remaining = len - done;
|
||||
assert remaining < BLOCK_BYTES;
|
||||
if(remaining > 0) {
|
||||
if (remaining > 0) {
|
||||
cipher.processBlock(counter, 0, buffer, 0);
|
||||
incrementCounter();
|
||||
// Copy the partial block to the output buffer and erase our copy
|
||||
System.arraycopy(buffer, 0, dest, off + done, remaining);
|
||||
for(int i = 0; i < BLOCK_BYTES; i++) buffer[i] = 0;
|
||||
for (int i = 0; i < BLOCK_BYTES; i++) buffer[i] = 0;
|
||||
}
|
||||
// Generate a new key
|
||||
for(int i = 0; i < KEY_BYTES / BLOCK_BYTES; i++) {
|
||||
for (int i = 0; i < KEY_BYTES / BLOCK_BYTES; i++) {
|
||||
cipher.processBlock(counter, 0, newKey, i * BLOCK_BYTES);
|
||||
incrementCounter();
|
||||
}
|
||||
System.arraycopy(newKey, 0, key, 0, KEY_BYTES);
|
||||
for(int i = 0; i < KEY_BYTES; i++) newKey[i] = 0;
|
||||
for (int i = 0; i < KEY_BYTES; i++) newKey[i] = 0;
|
||||
// Return the number of bytes written
|
||||
return len;
|
||||
} finally {
|
||||
|
||||
@@ -37,12 +37,12 @@ class FortunaSecureRandom extends SecureRandom {
|
||||
SecureRandom r = new FortunaSecureRandom(seed);
|
||||
byte[] output = new byte[16];
|
||||
r.nextBytes(output);
|
||||
if(!Arrays.equals(SELF_TEST_VECTOR_1, output)) return false;
|
||||
if (!Arrays.equals(SELF_TEST_VECTOR_1, output)) return false;
|
||||
r.nextBytes(output);
|
||||
if(!Arrays.equals(SELF_TEST_VECTOR_2, output)) return false;
|
||||
if (!Arrays.equals(SELF_TEST_VECTOR_2, output)) return false;
|
||||
r.setSeed(seed);
|
||||
r.nextBytes(output);
|
||||
if(!Arrays.equals(SELF_TEST_VECTOR_3, output)) return false;
|
||||
if (!Arrays.equals(SELF_TEST_VECTOR_3, output)) return false;
|
||||
return true;
|
||||
}
|
||||
|
||||
@@ -66,7 +66,7 @@ class FortunaSecureRandom extends SecureRandom {
|
||||
@Override
|
||||
protected void engineNextBytes(byte[] b) {
|
||||
int offset = 0;
|
||||
while(offset < b.length)
|
||||
while (offset < b.length)
|
||||
offset += generator.nextBytes(b, offset, b.length - offset);
|
||||
}
|
||||
|
||||
|
||||
@@ -10,39 +10,39 @@ import org.briarproject.util.ByteUtils;
|
||||
class FrameEncoder {
|
||||
|
||||
static void encodeIv(byte[] iv, long frameNumber, boolean header) {
|
||||
if(iv.length < IV_LENGTH) throw new IllegalArgumentException();
|
||||
if(frameNumber < 0 || frameNumber > MAX_32_BIT_UNSIGNED)
|
||||
if (iv.length < IV_LENGTH) throw new IllegalArgumentException();
|
||||
if (frameNumber < 0 || frameNumber > MAX_32_BIT_UNSIGNED)
|
||||
throw new IllegalArgumentException();
|
||||
ByteUtils.writeUint32(frameNumber, iv, 0);
|
||||
if(header) iv[4] = 1;
|
||||
if (header) iv[4] = 1;
|
||||
else iv[4] = 0;
|
||||
for(int i = 5; i < IV_LENGTH; i++) iv[i] = 0;
|
||||
for (int i = 5; i < IV_LENGTH; i++) iv[i] = 0;
|
||||
}
|
||||
|
||||
static void encodeHeader(byte[] header, boolean finalFrame,
|
||||
int payloadLength, int paddingLength) {
|
||||
if(header.length < HEADER_LENGTH) throw new IllegalArgumentException();
|
||||
if(payloadLength < 0) throw new IllegalArgumentException();
|
||||
if(paddingLength < 0) throw new IllegalArgumentException();
|
||||
if(payloadLength + paddingLength > MAX_PAYLOAD_LENGTH)
|
||||
if (header.length < HEADER_LENGTH) throw new IllegalArgumentException();
|
||||
if (payloadLength < 0) throw new IllegalArgumentException();
|
||||
if (paddingLength < 0) throw new IllegalArgumentException();
|
||||
if (payloadLength + paddingLength > MAX_PAYLOAD_LENGTH)
|
||||
throw new IllegalArgumentException();
|
||||
ByteUtils.writeUint16(payloadLength, header, 0);
|
||||
ByteUtils.writeUint16(paddingLength, header, 2);
|
||||
if(finalFrame) header[0] |= 0x80;
|
||||
if (finalFrame) header[0] |= 0x80;
|
||||
}
|
||||
|
||||
static boolean isFinalFrame(byte[] header) {
|
||||
if(header.length < HEADER_LENGTH) throw new IllegalArgumentException();
|
||||
if (header.length < HEADER_LENGTH) throw new IllegalArgumentException();
|
||||
return (header[0] & 0x80) == 0x80;
|
||||
}
|
||||
|
||||
static int getPayloadLength(byte[] header) {
|
||||
if(header.length < HEADER_LENGTH) throw new IllegalArgumentException();
|
||||
if (header.length < HEADER_LENGTH) throw new IllegalArgumentException();
|
||||
return ByteUtils.readUint16(header, 0) & 0x7FFF;
|
||||
}
|
||||
|
||||
static int getPaddingLength(byte[] header) {
|
||||
if(header.length < HEADER_LENGTH) throw new IllegalArgumentException();
|
||||
if (header.length < HEADER_LENGTH) throw new IllegalArgumentException();
|
||||
return ByteUtils.readUint16(header, 2);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -16,19 +16,19 @@ class PasswordStrengthEstimatorImpl implements PasswordStrengthEstimator {
|
||||
public float estimateStrength(String password) {
|
||||
HashSet<Character> unique = new HashSet<Character>();
|
||||
int length = password.length();
|
||||
for(int i = 0; i < length; i++) unique.add(password.charAt(i));
|
||||
for (int i = 0; i < length; i++) unique.add(password.charAt(i));
|
||||
boolean lower = false, upper = false, digit = false, other = false;
|
||||
for(char c : unique) {
|
||||
if(Character.isLowerCase(c)) lower = true;
|
||||
else if(Character.isUpperCase(c)) upper = true;
|
||||
else if(Character.isDigit(c)) digit = true;
|
||||
for (char c : unique) {
|
||||
if (Character.isLowerCase(c)) lower = true;
|
||||
else if (Character.isUpperCase(c)) upper = true;
|
||||
else if (Character.isDigit(c)) digit = true;
|
||||
else other = true;
|
||||
}
|
||||
int alphabetSize = 0;
|
||||
if(lower) alphabetSize += LOWER;
|
||||
if(upper) alphabetSize += UPPER;
|
||||
if(digit) alphabetSize += DIGIT;
|
||||
if(other) alphabetSize += OTHER;
|
||||
if (lower) alphabetSize += LOWER;
|
||||
if (upper) alphabetSize += UPPER;
|
||||
if (digit) alphabetSize += DIGIT;
|
||||
if (other) alphabetSize += OTHER;
|
||||
double score = Math.log(Math.pow(alphabetSize, unique.size()));
|
||||
return Math.min(1, (float) (score / STRONG));
|
||||
}
|
||||
|
||||
@@ -17,7 +17,7 @@ class PseudoRandomImpl implements PseudoRandom {
|
||||
public byte[] nextBytes(int length) {
|
||||
byte[] b = new byte[length];
|
||||
int offset = 0;
|
||||
while(offset < length) offset += generator.nextBytes(b, offset, length);
|
||||
while (offset < length) offset += generator.nextBytes(b, offset, length);
|
||||
return b;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -43,39 +43,39 @@ class Sec1KeyParser implements KeyParser {
|
||||
// The validation procedure comes from SEC 1, section 3.2.2.1. Note
|
||||
// that SEC 1 parameter names are used below, not RFC 5639 names
|
||||
long now = System.currentTimeMillis();
|
||||
if(encodedKey.length != publicKeyBytes)
|
||||
if (encodedKey.length != publicKeyBytes)
|
||||
throw new GeneralSecurityException();
|
||||
// The first byte must be 0x04
|
||||
if(encodedKey[0] != 4) throw new GeneralSecurityException();
|
||||
if (encodedKey[0] != 4) throw new GeneralSecurityException();
|
||||
// The x co-ordinate must be >= 0 and < p
|
||||
byte[] xBytes = new byte[bytesPerInt];
|
||||
System.arraycopy(encodedKey, 1, xBytes, 0, bytesPerInt);
|
||||
BigInteger x = new BigInteger(1, xBytes); // Positive signum
|
||||
if(x.compareTo(modulus) >= 0) throw new GeneralSecurityException();
|
||||
if (x.compareTo(modulus) >= 0) throw new GeneralSecurityException();
|
||||
// The y co-ordinate must be >= 0 and < p
|
||||
byte[] yBytes = new byte[bytesPerInt];
|
||||
System.arraycopy(encodedKey, 1 + bytesPerInt, yBytes, 0, bytesPerInt);
|
||||
BigInteger y = new BigInteger(1, yBytes); // Positive signum
|
||||
if(y.compareTo(modulus) >= 0) throw new GeneralSecurityException();
|
||||
if (y.compareTo(modulus) >= 0) throw new GeneralSecurityException();
|
||||
// Verify that y^2 == x^3 + ax + b (mod p)
|
||||
ECCurve curve = params.getCurve();
|
||||
BigInteger a = curve.getA().toBigInteger();
|
||||
BigInteger b = curve.getB().toBigInteger();
|
||||
BigInteger lhs = y.multiply(y).mod(modulus);
|
||||
BigInteger rhs = x.multiply(x).add(a).multiply(x).add(b).mod(modulus);
|
||||
if(!lhs.equals(rhs)) throw new GeneralSecurityException();
|
||||
if (!lhs.equals(rhs)) throw new GeneralSecurityException();
|
||||
// We know the point (x, y) is on the curve, so we can create the point
|
||||
ECPoint pub = curve.createPoint(x, y).normalize();
|
||||
// Verify that the point (x, y) is not the point at infinity
|
||||
if(pub.isInfinity()) throw new GeneralSecurityException();
|
||||
if (pub.isInfinity()) throw new GeneralSecurityException();
|
||||
// Verify that the point (x, y) times n is the point at infinity
|
||||
if(!pub.multiply(params.getN()).isInfinity())
|
||||
if (!pub.multiply(params.getN()).isInfinity())
|
||||
throw new GeneralSecurityException();
|
||||
// Construct a public key from the point (x, y) and the params
|
||||
ECPublicKeyParameters k = new ECPublicKeyParameters(pub, params);
|
||||
PublicKey p = new Sec1PublicKey(k, keyBits);
|
||||
long duration = System.currentTimeMillis() - now;
|
||||
if(LOG.isLoggable(INFO))
|
||||
if (LOG.isLoggable(INFO))
|
||||
LOG.info("Parsing public key took " + duration + " ms");
|
||||
return p;
|
||||
}
|
||||
@@ -83,17 +83,17 @@ class Sec1KeyParser implements KeyParser {
|
||||
public PrivateKey parsePrivateKey(byte[] encodedKey)
|
||||
throws GeneralSecurityException {
|
||||
long now = System.currentTimeMillis();
|
||||
if(encodedKey.length != privateKeyBytes)
|
||||
if (encodedKey.length != privateKeyBytes)
|
||||
throw new GeneralSecurityException();
|
||||
BigInteger d = new BigInteger(1, encodedKey); // Positive signum
|
||||
// Verify that the private value is < n
|
||||
if(d.compareTo(params.getN()) >= 0)
|
||||
if (d.compareTo(params.getN()) >= 0)
|
||||
throw new GeneralSecurityException();
|
||||
// Construct a private key from the private value and the params
|
||||
ECPrivateKeyParameters k = new ECPrivateKeyParameters(d, params);
|
||||
PrivateKey p = new Sec1PrivateKey(k, keyBits);
|
||||
long duration = System.currentTimeMillis() - now;
|
||||
if(LOG.isLoggable(INFO))
|
||||
if (LOG.isLoggable(INFO))
|
||||
LOG.info("Parsing private key took " + duration + " ms");
|
||||
return p;
|
||||
}
|
||||
|
||||
@@ -4,9 +4,9 @@ class Sec1Utils {
|
||||
|
||||
static void convertToFixedLength(byte[] src, byte[] dest, int destOff,
|
||||
int destLen) {
|
||||
if(src.length < destLen) {
|
||||
if (src.length < destLen) {
|
||||
int padding = destLen - src.length;
|
||||
for(int i = destOff; i < destOff + padding; i++) dest[i] = 0;
|
||||
for (int i = destOff; i < destOff + padding; i++) dest[i] = 0;
|
||||
System.arraycopy(src, 0, dest, destOff + padding, src.length);
|
||||
} else {
|
||||
int srcOff = src.length - destLen;
|
||||
|
||||
@@ -35,13 +35,13 @@ class SignatureImpl implements Signature {
|
||||
}
|
||||
|
||||
public void initSign(PrivateKey k) throws GeneralSecurityException {
|
||||
if(!(k instanceof Sec1PrivateKey)) throw new GeneralSecurityException();
|
||||
if (!(k instanceof Sec1PrivateKey)) throw new GeneralSecurityException();
|
||||
ECPrivateKeyParameters priv = ((Sec1PrivateKey) k).getKey();
|
||||
signer.init(true, new ParametersWithRandom(priv, secureRandom));
|
||||
}
|
||||
|
||||
public void initVerify(PublicKey k) throws GeneralSecurityException {
|
||||
if(!(k instanceof Sec1PublicKey)) throw new GeneralSecurityException();
|
||||
if (!(k instanceof Sec1PublicKey)) throw new GeneralSecurityException();
|
||||
ECPublicKeyParameters pub = ((Sec1PublicKey) k).getKey();
|
||||
signer.init(false, pub);
|
||||
}
|
||||
@@ -62,7 +62,7 @@ class SignatureImpl implements Signature {
|
||||
long now = System.currentTimeMillis();
|
||||
byte[] signature = signer.generateSignature();
|
||||
long duration = System.currentTimeMillis() - now;
|
||||
if(LOG.isLoggable(INFO))
|
||||
if (LOG.isLoggable(INFO))
|
||||
LOG.info("Generating signature took " + duration + " ms");
|
||||
return signature;
|
||||
}
|
||||
@@ -71,7 +71,7 @@ class SignatureImpl implements Signature {
|
||||
long now = System.currentTimeMillis();
|
||||
boolean valid = signer.verifySignature(signature);
|
||||
long duration = System.currentTimeMillis() - now;
|
||||
if(LOG.isLoggable(INFO))
|
||||
if (LOG.isLoggable(INFO))
|
||||
LOG.info("Verifying signature took " + duration + " ms");
|
||||
return valid;
|
||||
}
|
||||
|
||||
@@ -38,14 +38,14 @@ class StreamDecrypterImpl implements StreamDecrypter {
|
||||
}
|
||||
|
||||
public int readFrame(byte[] payload) throws IOException {
|
||||
if(payload.length < MAX_PAYLOAD_LENGTH)
|
||||
if (payload.length < MAX_PAYLOAD_LENGTH)
|
||||
throw new IllegalArgumentException();
|
||||
if(finalFrame) return -1;
|
||||
if (finalFrame) return -1;
|
||||
// Read the header
|
||||
int offset = 0;
|
||||
while(offset < HEADER_LENGTH) {
|
||||
while (offset < HEADER_LENGTH) {
|
||||
int read = in.read(ciphertext, offset, HEADER_LENGTH - offset);
|
||||
if(read == -1) throw new EOFException();
|
||||
if (read == -1) throw new EOFException();
|
||||
offset += read;
|
||||
}
|
||||
// Decrypt and authenticate the header
|
||||
@@ -54,23 +54,23 @@ class StreamDecrypterImpl implements StreamDecrypter {
|
||||
frameCipher.init(false, frameKey, iv);
|
||||
int decrypted = frameCipher.process(ciphertext, 0, HEADER_LENGTH,
|
||||
header, 0);
|
||||
if(decrypted != HEADER_LENGTH - MAC_LENGTH)
|
||||
if (decrypted != HEADER_LENGTH - MAC_LENGTH)
|
||||
throw new RuntimeException();
|
||||
} catch(GeneralSecurityException e) {
|
||||
} catch (GeneralSecurityException e) {
|
||||
throw new FormatException();
|
||||
}
|
||||
// Decode and validate the header
|
||||
finalFrame = FrameEncoder.isFinalFrame(header);
|
||||
int payloadLength = FrameEncoder.getPayloadLength(header);
|
||||
int paddingLength = FrameEncoder.getPaddingLength(header);
|
||||
if(payloadLength + paddingLength > MAX_PAYLOAD_LENGTH)
|
||||
if (payloadLength + paddingLength > MAX_PAYLOAD_LENGTH)
|
||||
throw new FormatException();
|
||||
// Read the payload and padding
|
||||
int frameLength = HEADER_LENGTH + payloadLength + paddingLength
|
||||
+ MAC_LENGTH;
|
||||
while(offset < frameLength) {
|
||||
while (offset < frameLength) {
|
||||
int read = in.read(ciphertext, offset, frameLength - offset);
|
||||
if(read == -1) throw new EOFException();
|
||||
if (read == -1) throw new EOFException();
|
||||
offset += read;
|
||||
}
|
||||
// Decrypt and authenticate the payload and padding
|
||||
@@ -79,14 +79,14 @@ class StreamDecrypterImpl implements StreamDecrypter {
|
||||
frameCipher.init(false, frameKey, iv);
|
||||
int decrypted = frameCipher.process(ciphertext, HEADER_LENGTH,
|
||||
payloadLength + paddingLength + MAC_LENGTH, payload, 0);
|
||||
if(decrypted != payloadLength + paddingLength)
|
||||
if (decrypted != payloadLength + paddingLength)
|
||||
throw new RuntimeException();
|
||||
} catch(GeneralSecurityException e) {
|
||||
} catch (GeneralSecurityException e) {
|
||||
throw new FormatException();
|
||||
}
|
||||
// If there's any padding it must be all zeroes
|
||||
for(int i = 0; i < paddingLength; i++)
|
||||
if(payload[payloadLength + i] != 0) throw new FormatException();
|
||||
for (int i = 0; i < paddingLength; i++)
|
||||
if (payload[payloadLength + i] != 0) throw new FormatException();
|
||||
frameNumber++;
|
||||
return payloadLength;
|
||||
}
|
||||
|
||||
@@ -39,12 +39,12 @@ class StreamEncrypterImpl implements StreamEncrypter {
|
||||
|
||||
public void writeFrame(byte[] payload, int payloadLength,
|
||||
int paddingLength, boolean finalFrame) throws IOException {
|
||||
if(payloadLength + paddingLength > MAX_PAYLOAD_LENGTH)
|
||||
if (payloadLength + paddingLength > MAX_PAYLOAD_LENGTH)
|
||||
throw new IllegalArgumentException();
|
||||
// Don't allow the frame counter to wrap
|
||||
if(frameNumber > MAX_32_BIT_UNSIGNED) throw new IOException();
|
||||
if (frameNumber > MAX_32_BIT_UNSIGNED) throw new IOException();
|
||||
// Write the tag if required
|
||||
if(writeTag) {
|
||||
if (writeTag) {
|
||||
out.write(tag, 0, tag.length);
|
||||
writeTag = false;
|
||||
}
|
||||
@@ -57,13 +57,13 @@ class StreamEncrypterImpl implements StreamEncrypter {
|
||||
frameCipher.init(true, frameKey, iv);
|
||||
int encrypted = frameCipher.process(plaintext, 0,
|
||||
HEADER_LENGTH - MAC_LENGTH, ciphertext, 0);
|
||||
if(encrypted != HEADER_LENGTH) throw new RuntimeException();
|
||||
} catch(GeneralSecurityException badCipher) {
|
||||
if (encrypted != HEADER_LENGTH) throw new RuntimeException();
|
||||
} catch (GeneralSecurityException badCipher) {
|
||||
throw new RuntimeException(badCipher);
|
||||
}
|
||||
// Combine the payload and padding
|
||||
System.arraycopy(payload, 0, plaintext, HEADER_LENGTH, payloadLength);
|
||||
for(int i = 0; i < paddingLength; i++)
|
||||
for (int i = 0; i < paddingLength; i++)
|
||||
plaintext[HEADER_LENGTH + payloadLength + i] = 0;
|
||||
// Encrypt and authenticate the payload and padding
|
||||
FrameEncoder.encodeIv(iv, frameNumber, false);
|
||||
@@ -71,9 +71,9 @@ class StreamEncrypterImpl implements StreamEncrypter {
|
||||
frameCipher.init(true, frameKey, iv);
|
||||
int encrypted = frameCipher.process(plaintext, HEADER_LENGTH,
|
||||
payloadLength + paddingLength, ciphertext, HEADER_LENGTH);
|
||||
if(encrypted != payloadLength + paddingLength + MAC_LENGTH)
|
||||
if (encrypted != payloadLength + paddingLength + MAC_LENGTH)
|
||||
throw new RuntimeException();
|
||||
} catch(GeneralSecurityException badCipher) {
|
||||
} catch (GeneralSecurityException badCipher) {
|
||||
throw new RuntimeException(badCipher);
|
||||
}
|
||||
// Write the frame
|
||||
@@ -84,7 +84,7 @@ class StreamEncrypterImpl implements StreamEncrypter {
|
||||
|
||||
public void flush() throws IOException {
|
||||
// Write the tag if required
|
||||
if(writeTag) {
|
||||
if (writeTag) {
|
||||
out.write(tag, 0, tag.length);
|
||||
writeTag = false;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user