| package org.bouncycastle.crypto.modes; |
| |
| import org.bouncycastle.crypto.BlockCipher; |
| import org.bouncycastle.crypto.CipherParameters; |
| import org.bouncycastle.crypto.DataLengthException; |
| import org.bouncycastle.crypto.params.ParametersWithIV; |
| import org.bouncycastle.util.Arrays; |
| |
| /** |
| * implements a Cipher-FeedBack (CFB) mode on top of a simple cipher. |
| */ |
| public class CFBBlockCipher |
| implements BlockCipher |
| { |
| private byte[] IV; |
| private byte[] cfbV; |
| private byte[] cfbOutV; |
| |
| private int blockSize; |
| private BlockCipher cipher = null; |
| private boolean encrypting; |
| |
| /** |
| * Basic constructor. |
| * |
| * @param cipher the block cipher to be used as the basis of the |
| * feedback mode. |
| * @param bitBlockSize the block size in bits (note: a multiple of 8) |
| */ |
| public CFBBlockCipher( |
| BlockCipher cipher, |
| int bitBlockSize) |
| { |
| this.cipher = cipher; |
| this.blockSize = bitBlockSize / 8; |
| |
| this.IV = new byte[cipher.getBlockSize()]; |
| this.cfbV = new byte[cipher.getBlockSize()]; |
| this.cfbOutV = new byte[cipher.getBlockSize()]; |
| } |
| |
| /** |
| * return the underlying block cipher that we are wrapping. |
| * |
| * @return the underlying block cipher that we are wrapping. |
| */ |
| public BlockCipher getUnderlyingCipher() |
| { |
| return cipher; |
| } |
| |
| /** |
| * Initialise the cipher and, possibly, the initialisation vector (IV). |
| * If an IV isn't passed as part of the parameter, the IV will be all zeros. |
| * An IV which is too short is handled in FIPS compliant fashion. |
| * |
| * @param encrypting if true the cipher is initialised for |
| * encryption, if false for decryption. |
| * @param params the key and other data required by the cipher. |
| * @exception IllegalArgumentException if the params argument is |
| * inappropriate. |
| */ |
| public void init( |
| boolean encrypting, |
| CipherParameters params) |
| throws IllegalArgumentException |
| { |
| this.encrypting = encrypting; |
| |
| if (params instanceof ParametersWithIV) |
| { |
| ParametersWithIV ivParam = (ParametersWithIV)params; |
| byte[] iv = ivParam.getIV(); |
| |
| if (iv.length < IV.length) |
| { |
| // prepend the supplied IV with zeros (per FIPS PUB 81) |
| System.arraycopy(iv, 0, IV, IV.length - iv.length, iv.length); |
| for (int i = 0; i < IV.length - iv.length; i++) |
| { |
| IV[i] = 0; |
| } |
| } |
| else |
| { |
| System.arraycopy(iv, 0, IV, 0, IV.length); |
| } |
| |
| reset(); |
| |
| // if null it's an IV changed only. |
| if (ivParam.getParameters() != null) |
| { |
| cipher.init(true, ivParam.getParameters()); |
| } |
| } |
| else |
| { |
| reset(); |
| |
| // if it's null, key is to be reused. |
| if (params != null) |
| { |
| cipher.init(true, params); |
| } |
| } |
| } |
| |
| /** |
| * return the algorithm name and mode. |
| * |
| * @return the name of the underlying algorithm followed by "/CFB" |
| * and the block size in bits. |
| */ |
| public String getAlgorithmName() |
| { |
| return cipher.getAlgorithmName() + "/CFB" + (blockSize * 8); |
| } |
| |
| /** |
| * return the block size we are operating at. |
| * |
| * @return the block size we are operating at (in bytes). |
| */ |
| public int getBlockSize() |
| { |
| return blockSize; |
| } |
| |
| /** |
| * Process one block of input from the array in and write it to |
| * the out array. |
| * |
| * @param in the array containing the input data. |
| * @param inOff offset into the in array the data starts at. |
| * @param out the array the output data will be copied into. |
| * @param outOff the offset into the out array the output will start at. |
| * @exception DataLengthException if there isn't enough data in in, or |
| * space in out. |
| * @exception IllegalStateException if the cipher isn't initialised. |
| * @return the number of bytes processed and produced. |
| */ |
| public int processBlock( |
| byte[] in, |
| int inOff, |
| byte[] out, |
| int outOff) |
| throws DataLengthException, IllegalStateException |
| { |
| return (encrypting) ? encryptBlock(in, inOff, out, outOff) : decryptBlock(in, inOff, out, outOff); |
| } |
| |
| /** |
| * Do the appropriate processing for CFB mode encryption. |
| * |
| * @param in the array containing the data to be encrypted. |
| * @param inOff offset into the in array the data starts at. |
| * @param out the array the encrypted data will be copied into. |
| * @param outOff the offset into the out array the output will start at. |
| * @exception DataLengthException if there isn't enough data in in, or |
| * space in out. |
| * @exception IllegalStateException if the cipher isn't initialised. |
| * @return the number of bytes processed and produced. |
| */ |
| public int encryptBlock( |
| byte[] in, |
| int inOff, |
| byte[] out, |
| int outOff) |
| throws DataLengthException, IllegalStateException |
| { |
| if ((inOff + blockSize) > in.length) |
| { |
| throw new DataLengthException("input buffer too short"); |
| } |
| |
| if ((outOff + blockSize) > out.length) |
| { |
| throw new DataLengthException("output buffer too short"); |
| } |
| |
| cipher.processBlock(cfbV, 0, cfbOutV, 0); |
| |
| // |
| // XOR the cfbV with the plaintext producing the ciphertext |
| // |
| for (int i = 0; i < blockSize; i++) |
| { |
| out[outOff + i] = (byte)(cfbOutV[i] ^ in[inOff + i]); |
| } |
| |
| // |
| // change over the input block. |
| // |
| System.arraycopy(cfbV, blockSize, cfbV, 0, cfbV.length - blockSize); |
| System.arraycopy(out, outOff, cfbV, cfbV.length - blockSize, blockSize); |
| |
| return blockSize; |
| } |
| |
| /** |
| * Do the appropriate processing for CFB mode decryption. |
| * |
| * @param in the array containing the data to be decrypted. |
| * @param inOff offset into the in array the data starts at. |
| * @param out the array the encrypted data will be copied into. |
| * @param outOff the offset into the out array the output will start at. |
| * @exception DataLengthException if there isn't enough data in in, or |
| * space in out. |
| * @exception IllegalStateException if the cipher isn't initialised. |
| * @return the number of bytes processed and produced. |
| */ |
| public int decryptBlock( |
| byte[] in, |
| int inOff, |
| byte[] out, |
| int outOff) |
| throws DataLengthException, IllegalStateException |
| { |
| if ((inOff + blockSize) > in.length) |
| { |
| throw new DataLengthException("input buffer too short"); |
| } |
| |
| if ((outOff + blockSize) > out.length) |
| { |
| throw new DataLengthException("output buffer too short"); |
| } |
| |
| cipher.processBlock(cfbV, 0, cfbOutV, 0); |
| |
| // |
| // change over the input block. |
| // |
| System.arraycopy(cfbV, blockSize, cfbV, 0, cfbV.length - blockSize); |
| System.arraycopy(in, inOff, cfbV, cfbV.length - blockSize, blockSize); |
| |
| // |
| // XOR the cfbV with the ciphertext producing the plaintext |
| // |
| for (int i = 0; i < blockSize; i++) |
| { |
| out[outOff + i] = (byte)(cfbOutV[i] ^ in[inOff + i]); |
| } |
| |
| return blockSize; |
| } |
| |
| /** |
| * Return the current state of the initialisation vector. |
| * |
| * @return current IV |
| */ |
| public byte[] getCurrentIV() |
| { |
| return Arrays.clone(cfbV); |
| } |
| |
| /** |
| * reset the chaining vector back to the IV and reset the underlying |
| * cipher. |
| */ |
| public void reset() |
| { |
| System.arraycopy(IV, 0, cfbV, 0, IV.length); |
| |
| cipher.reset(); |
| } |
| } |
