1/* 2 * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26package com.sun.crypto.provider; 27 28import java.security.SecureRandom; 29import java.security.InvalidParameterException; 30import java.security.InvalidAlgorithmParameterException; 31import java.security.InvalidKeyException; 32import java.security.spec.AlgorithmParameterSpec; 33import javax.crypto.KeyGeneratorSpi; 34import javax.crypto.SecretKey; 35import javax.crypto.spec.DESKeySpec; 36 37/** 38 * This class generates a DES key. 39 * 40 * @author Jan Luehe 41 * 42 */ 43 44public final class DESKeyGenerator extends KeyGeneratorSpi { 45 46 private SecureRandom random = null; 47 48 /** 49 * Empty constructor 50 */ 51 public DESKeyGenerator() { 52 } 53 54 /** 55 * Initializes this key generator. 56 * 57 * @param random the source of randomness for this generator 58 */ 59 protected void engineInit(SecureRandom random) { 60 this.random = random; 61 } 62 63 /** 64 * Initializes this key generator with the specified parameter 65 * set and a user-provided source of randomness. 66 * 67 * @param params the key generation parameters 68 * @param random the source of randomness for this key generator 69 * 70 * @exception InvalidAlgorithmParameterException if <code>params</code> is 71 * inappropriate for this key generator 72 */ 73 protected void engineInit(AlgorithmParameterSpec params, 74 SecureRandom random) 75 throws InvalidAlgorithmParameterException { 76 throw new InvalidAlgorithmParameterException 77 ("DES key generation does not take any parameters"); 78 } 79 80 /** 81 * Initializes this key generator for a certain keysize, using the given 82 * source of randomness. 83 * 84 * @param keysize the keysize. This is an algorithm-specific 85 * metric specified in number of bits. 86 * @param random the source of randomness for this key generator 87 */ 88 protected void engineInit(int keysize, SecureRandom random) { 89 if (keysize != 56) { 90 throw new InvalidParameterException("Wrong keysize: must " 91 + "be equal to 56"); 92 } 93 this.engineInit(random); 94 } 95 96 /** 97 * Generates the DES key. 98 * 99 * @return the new DES key 100 */ 101 protected SecretKey engineGenerateKey() { 102 DESKey desKey = null; 103 104 if (this.random == null) { 105 this.random = SunJCE.getRandom(); 106 } 107 108 try { 109 byte[] key = new byte[DESKeySpec.DES_KEY_LEN]; 110 do { 111 this.random.nextBytes(key); 112 setParityBit(key, 0); 113 } while (DESKeySpec.isWeak(key, 0)); 114 desKey = new DESKey(key); 115 } catch (InvalidKeyException e) { 116 // this is never thrown 117 } 118 119 return desKey; 120 } 121 122 /* 123 * Does parity adjustment, using bit in position 8 as the parity bit, 124 * for 8 key bytes, starting at <code>offset</code>. 125 * 126 * The 8 parity bits of a DES key are only used for sanity-checking 127 * of the key, to see if the key could actually be a key. If you check 128 * the parity of the quantity, and it winds up not having the correct 129 * parity, then you'll know something went wrong. 130 * 131 * A key that is not parity adjusted (e.g. e4e4e4e4e4e4e4e4) produces the 132 * same output as a key that is parity adjusted (e.g. e5e5e5e5e5e5e5e5), 133 * because it is the 56 bits of the DES key that are cryptographically 134 * significant/"effective" -- the other 8 bits are just used for parity 135 * checking. 136 */ 137 static void setParityBit(byte[] key, int offset) { 138 if (key == null) 139 return; 140 141 for (int i = 0; i < DESKeySpec.DES_KEY_LEN; i++) { 142 int b = key[offset] & 0xfe; 143 b |= (Integer.bitCount(b) & 1) ^ 1; 144 key[offset++] = (byte)b; 145 } 146 } 147} 148