1/*
2 * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.  Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26package com.sun.crypto.provider;
27
28import java.security.SecureRandom;
29import java.security.InvalidParameterException;
30import java.security.InvalidAlgorithmParameterException;
31import java.security.InvalidKeyException;
32import java.security.spec.AlgorithmParameterSpec;
33import javax.crypto.KeyGeneratorSpi;
34import javax.crypto.SecretKey;
35import javax.crypto.spec.DESKeySpec;
36
37/**
38 * This class generates a DES key.
39 *
40 * @author Jan Luehe
41 *
42 */
43
44public final class DESKeyGenerator extends KeyGeneratorSpi {
45
46    private SecureRandom random = null;
47
48    /**
49     * Empty constructor
50     */
51    public DESKeyGenerator() {
52    }
53
54    /**
55     * Initializes this key generator.
56     *
57     * @param random the source of randomness for this generator
58     */
59    protected void engineInit(SecureRandom random) {
60        this.random = random;
61    }
62
63    /**
64     * Initializes this key generator with the specified parameter
65     * set and a user-provided source of randomness.
66     *
67     * @param params the key generation parameters
68     * @param random the source of randomness for this key generator
69     *
70     * @exception InvalidAlgorithmParameterException if <code>params</code> is
71     * inappropriate for this key generator
72     */
73    protected void engineInit(AlgorithmParameterSpec params,
74                              SecureRandom random)
75        throws InvalidAlgorithmParameterException {
76            throw new InvalidAlgorithmParameterException
77                ("DES key generation does not take any parameters");
78    }
79
80    /**
81     * Initializes this key generator for a certain keysize, using the given
82     * source of randomness.
83     *
84     * @param keysize the keysize. This is an algorithm-specific
85     * metric specified in number of bits.
86     * @param random the source of randomness for this key generator
87     */
88    protected void engineInit(int keysize, SecureRandom random) {
89        if (keysize != 56) {
90            throw new InvalidParameterException("Wrong keysize: must "
91                                                + "be equal to 56");
92        }
93        this.engineInit(random);
94    }
95
96    /**
97     * Generates the DES key.
98     *
99     * @return the new DES key
100     */
101    protected SecretKey engineGenerateKey() {
102        DESKey desKey = null;
103
104        if (this.random == null) {
105            this.random = SunJCE.getRandom();
106        }
107
108        try {
109            byte[] key = new byte[DESKeySpec.DES_KEY_LEN];
110            do {
111                this.random.nextBytes(key);
112                setParityBit(key, 0);
113            } while (DESKeySpec.isWeak(key, 0));
114            desKey = new DESKey(key);
115        } catch (InvalidKeyException e) {
116            // this is never thrown
117        }
118
119        return desKey;
120    }
121
122    /*
123     * Does parity adjustment, using bit in position 8 as the parity bit,
124     * for 8 key bytes, starting at <code>offset</code>.
125     *
126     * The 8 parity bits of a DES key are only used for sanity-checking
127     * of the key, to see if the key could actually be a key. If you check
128     * the parity of the quantity, and it winds up not having the correct
129     * parity, then you'll know something went wrong.
130     *
131     * A key that is not parity adjusted (e.g. e4e4e4e4e4e4e4e4) produces the
132     * same output as a key that is parity adjusted (e.g. e5e5e5e5e5e5e5e5),
133     * because it is the 56 bits of the DES key that are cryptographically
134     * significant/"effective" -- the other 8 bits are just used for parity
135     * checking.
136     */
137    static void setParityBit(byte[] key, int offset) {
138        if (key == null)
139            return;
140
141        for (int i = 0; i < DESKeySpec.DES_KEY_LEN; i++) {
142            int b = key[offset] & 0xfe;
143            b |= (Integer.bitCount(b) & 1) ^ 1;
144            key[offset++] = (byte)b;
145        }
146    }
147}
148