/modules/quercus/src/com/caucho/quercus/lib/mcrypt/Mcrypt.java
Java | 393 lines | 250 code | 54 blank | 89 comment | 77 complexity | 033c1c73c4485c7899d58cdbf842fdae MD5 | raw file
- /*
- * Copyright (c) 1998-2010 Caucho Technology -- all rights reserved
- *
- * This file is part of Resin(R) Open Source
- *
- * Each copy or derived work must preserve the copyright notice and this
- * notice unmodified.
- *
- * Resin Open Source is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * Resin Open Source is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE, or any warranty
- * of NON-INFRINGEMENT. See the GNU General Public License for more
- * details.
- *
- * You should have received a copy of the GNU General Public License
- * along with Resin Open Source; if not, write to the
- *
- * Free Software Foundation, Inc.
- * 59 Temple Place, Suite 330
- * Boston, MA 02111-1307 USA
- *
- * @author Scott Ferguson
- */
- package com.caucho.quercus.lib.mcrypt;
- import com.caucho.quercus.QuercusRuntimeException;
- import com.caucho.quercus.env.ArrayValue;
- import com.caucho.quercus.env.ArrayValueImpl;
- import com.caucho.quercus.env.Env;
- import com.caucho.quercus.env.Value;
- import com.caucho.util.L10N;
- import javax.crypto.Cipher;
- import javax.crypto.spec.IvParameterSpec;
- import javax.crypto.spec.SecretKeySpec;
- import java.security.Key;
- import java.util.logging.Logger;
- /**
- * Encryption class
- */
- public class Mcrypt {
- private static final L10N L = new L10N(Mcrypt.class);
- private static final Logger log =
- Logger.getLogger(Mcrypt.class.getName());
- private final String _algorithm;
- private final String _mode;
- private final Cipher _cipher;
- private Key _key;
- private IvParameterSpec _iv;
- Mcrypt(Env env, String algorithm, String mode)
- throws Exception
- {
- _algorithm = algorithm;
- _mode = mode.toUpperCase();
- String transformation = getTransformation(algorithm, mode);
- if (transformation == null)
- throw new QuercusRuntimeException(L.l("'{0}' is an unknown algorithm",
- algorithm));
- _cipher = Cipher.getInstance(transformation);
- }
- /**
- * Uninitialize data.
- */
- public boolean deinit()
- {
- return false;
- }
- /**
- * Encrypts data.
- */
- public byte []decrypt(byte []data)
- {
- try {
- _cipher.init(Cipher.DECRYPT_MODE, _key, _iv);
- int blockSize = _cipher.getBlockSize();
- return _cipher.doFinal(data);
- } catch (Exception e) {
- throw new RuntimeException(e);
- }
- }
- /**
- * Encrypts data.
- */
- public byte []encrypt(byte []data)
- {
- try {
- _cipher.init(Cipher.ENCRYPT_MODE, _key, _iv);
- if (isPadded())
- data = pad(data);
- return _cipher.doFinal(data);
- } catch (Exception e) {
- throw new RuntimeException(e);
- }
- }
- /**
- * Returns the block size.
- */
- public int get_block_size()
- {
- return _cipher.getBlockSize();
- }
- /**
- * Returns the initialization vector size.
- */
- public String get_algorithms_name()
- {
- return _algorithm;
- }
- /**
- * Returns the initialization vector size.
- */
- public int get_iv_size()
- {
- if (_mode.equals("OFB"))
- return _cipher.getBlockSize();
- else if (_mode.equals("CFB"))
- return _cipher.getBlockSize();
- else if (_mode.equals("CBC"))
- return _cipher.getBlockSize();
- else if (_mode.equals("ECB"))
- return _cipher.getBlockSize();
- else
- return 0;
- }
- /**
- * Returns the supported key sizes
- */
- public Value get_supported_key_sizes()
- {
- ArrayValue value = new ArrayValueImpl();
- // php/1q0c - can mix any key size with any block size
- if (McryptModule.MCRYPT_RIJNDAEL_128.equals(_algorithm)) {
- value.put(128 / 8);
- value.put(192 / 8);
- value.put(256 / 8);
- }
- else if (McryptModule.MCRYPT_RIJNDAEL_192.equals(_algorithm)) {
- value.put(128 / 8);
- value.put(192 / 8);
- value.put(256 / 8);
- }
- else if (McryptModule.MCRYPT_RIJNDAEL_256.equals(_algorithm)) {
- value.put(128 / 8);
- value.put(192 / 8);
- value.put(256 / 8);
- }
- else if (McryptModule.MCRYPT_3DES.equals(_algorithm)) {
- value.put(24);
- }
- else if (McryptModule.MCRYPT_DES.equals(_algorithm)) {
- value.put(8);
- }
- return value;
- }
- /**
- * Returns the maximum key size in bytes.
- */
- public int get_key_size()
- {
- // php/1q0s - php mcrypt allows up to 256 bit keys for Rijndael of any
- // block size. The number in the algorithm string is the block size.
- // Note that when they say "Rijndael", they are not referring to AES,
- // which has a fixed block size of 128 bits.
- if (McryptModule.MCRYPT_RIJNDAEL_128.equals(_algorithm))
- return 256 / 8;
- else if (McryptModule.MCRYPT_RIJNDAEL_192.equals(_algorithm))
- return 256 / 8;
- else if (McryptModule.MCRYPT_RIJNDAEL_256.equals(_algorithm))
- return 256 / 8;
- else if (McryptModule.MCRYPT_3DES.equals(_algorithm))
- return 24;
- else if (McryptModule.MCRYPT_BLOWFISH.equals(_algorithm))
- return 56;
- else
- return get_block_size();
- }
- private boolean isPadKey()
- {
- if (McryptModule.MCRYPT_BLOWFISH.equals(_algorithm))
- return false;
- else
- return true;
- }
- /**
- * Pads a key up to the next accepted size for the given cipher.
- * Follows php mcrypt behavior php/1q0x
- **/
- private byte []padKey(byte []keyData)
- {
- int keySize = get_key_size();
- int len = keyData.length;
- if (McryptModule.MCRYPT_RIJNDAEL_128.equals(_algorithm)
- || McryptModule.MCRYPT_RIJNDAEL_192.equals(_algorithm)
- || McryptModule.MCRYPT_RIJNDAEL_256.equals(_algorithm)) {
- if (len <= 16)
- keySize = 16;
- else if (len <= 24)
- keySize = 24;
- else if (len <= 32)
- keySize = 32;
- else
- throw new QuercusRuntimeException(
- L.l("Key too large for algorithm ({0} > 32)", len));
- }
- if (len == keySize)
- return keyData;
- else {
- byte []paddedKey = new byte[keySize];
- System.arraycopy(keyData, 0, paddedKey, 0, len);
- return paddedKey;
- }
- }
- /**
- * Returns the initialization vector size.
- */
- public String get_modes_name()
- {
- return _mode;
- }
- /**
- * Initialize the crypt.
- */
- public int init(byte []keyBytesArg, byte []iv)
- {
- byte []keyBytes;
- if (isPadKey())
- keyBytes = padKey(keyBytesArg);
- else
- keyBytes = keyBytesArg;
- _key = new SecretKeySpec(keyBytes, getAlgorithm(_algorithm));
- if (iv == null)
- _iv = null;
- else if (_mode.equals("CBC") || _mode.equals("CFB") || _mode.equals("OFB"))
- _iv = new IvParameterSpec(iv);
- else
- _iv = null;
- return 0;
- }
- /**
- * Returns true for block algorithms
- */
- public boolean is_block_algorithm()
- {
- if (_algorithm.equals(McryptModule.MCRYPT_BLOWFISH))
- return false;
- else
- return true;
- }
- /**
- * Returns true for block algorithms
- */
- public boolean is_block_algorithm_mode()
- {
- return _mode.equals("CBC") || _mode.equals("CFB") || _mode.equals("OFB");
- }
- /**
- * Returns true for block algorithms
- */
- public boolean is_block_mode()
- {
- return _mode.equals("CBC") || _mode.equals("ECB");
- }
- private byte []pad(byte []data)
- {
- int blockSize = get_block_size();
- int len = data.length;
- int offset = len % blockSize;
- if (offset == 0)
- return data;
- else {
- byte []pad = new byte[len + blockSize - offset];
- System.arraycopy(data, 0, pad, 0, data.length);
- return pad;
- }
- }
- private boolean isPadded()
- {
- if (_mode.equals("CFB") || _mode.equals("OFB"))
- return false;
- return true;
- }
- /**
- * Closes the mcrypt.
- */
- public void close()
- {
- }
- private static String getTransformation(String algorithm, String mode)
- throws Exception
- {
- mode = mode.toUpperCase();
- // php/1q02 & php/1q0s
- // mcrypt thinks OFB == OFB8 while Java thinks OFB == OFB64
- if (mode.equals("OFB"))
- mode = "OFB8";
- // XXX Sun and BC don't provide 192 and 256 Rijndael at
- // this time, probably because they were rejected by the AES
- // standard, but mcrypt does. Using numbers in the mode part just
- // selects the mode block size, not the cipher block size.
- if (McryptModule.MCRYPT_RIJNDAEL_128.equals(algorithm))
- return "AES/" + mode + "/NoPadding";
- else if (McryptModule.MCRYPT_RIJNDAEL_192.equals(algorithm))
- return "Rijndael192/" + mode + "/NoPadding";
- else if (McryptModule.MCRYPT_RIJNDAEL_256.equals(algorithm))
- return "Rijndael256/" + mode + "/NoPadding";
- else if (McryptModule.MCRYPT_DES.equals(algorithm))
- return "DES/" + mode + "/NoPadding";
- else if (McryptModule.MCRYPT_3DES.equals(algorithm))
- return "DESede/" + mode + "/NoPadding";
- else if (McryptModule.MCRYPT_BLOWFISH.equals(algorithm)) {
- // php/1q0t, #2561
- return "Blowfish/" + mode + "/NoPadding";
- }
- else if (McryptModule.MCRYPT_ARCFOUR.equals(algorithm)
- || McryptModule.MCRYPT_RC4.equals(algorithm))
- return "ARCFOUR/" + mode + "/NoPadding";
- else
- return algorithm + '/' + mode + "/NoPadding";
- }
- private static String getAlgorithm(String algorithm)
- {
- if (McryptModule.MCRYPT_RIJNDAEL_128.equals(algorithm))
- return "AES";
- else if (McryptModule.MCRYPT_RIJNDAEL_192.equals(algorithm)
- || McryptModule.MCRYPT_RIJNDAEL_256.equals(algorithm))
- return "Rijndael";
- else if (McryptModule.MCRYPT_3DES.equals(algorithm))
- return "DESede";
- else
- return algorithm;
- }
- public String toString()
- {
- return "Mcrypt[" + _algorithm + ", " + _mode + "]";
- }
- }