Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

sun.security.mule.krb5.internal.crypto.dk
Class AesDkCrypto

java.lang.Object
  extended by sun.security.mule.krb5.internal.crypto.dk.DkCrypto
      extended by sun.security.mule.krb5.internal.crypto.dk.AesDkCrypto

public class AesDkCrypto
extends DkCrypto

This class provides the implementation of AES Encryption for Kerberos as defined RFC 3962. http://www.ietf.org/rfc/rfc3962.txt Algorithm profile described in [KCRYPTO]: +--------------------------------------------------------------------+ | protocol key format 128- or 256-bit string | | | | string-to-key function PBKDF2+DK with variable | | iteration count (see | | above) | | | | default string-to-key parameters 00 00 10 00 | | | | key-generation seed length key size | | | | random-to-key function identity function | | | | hash function, H SHA-1 | | | | HMAC output size, h 12 octets (96 bits) | | | | message block size, m 1 octet | | | | encryption/decryption functions, AES in CBC-CTS mode | | E and D (cipher block size 16 | | octets), with next to | | last block as CBC-style | | ivec | +--------------------------------------------------------------------+ Supports AES128 and AES256

Author:
Seema Malkani

Constructor Summary
AesDkCrypto(int length)
           
 
Method Summary
 byte[] calculateChecksum(byte[] baseKey, int usage, byte[] input, int start, int len)
          Calculate the checksum
 byte[] decrypt(byte[] baseKey, int usage, byte[] ivec, byte[] ciphertext, int start, int len)
           
 byte[] decryptRaw(byte[] baseKey, int usage, byte[] ivec, byte[] ciphertext, int start, int len)
          Decrypts data using specified key and initial vector.
 byte[] encrypt(byte[] baseKey, int usage, byte[] ivec, byte[] new_ivec, byte[] plaintext, int start, int len)
          Performs encryption using derived key; adds confounder.
 byte[] encryptRaw(byte[] baseKey, int usage, byte[] ivec, byte[] plaintext, int start, int len)
          Performs encryption using derived key; does not add confounder.
 int getChecksumLength()
           
protected  Cipher getCipher(byte[] key, byte[] ivec, int mode)
           
protected  byte[] getHmac(byte[] key, byte[] msg)
          Get the truncated HMAC
protected  int getKeySeedLength()
           
protected  byte[] randomToKey(byte[] in)
           
static int readBigEndian(byte[] data, int pos, int size)
           
 byte[] stringToKey(char[] password, String salt, byte[] s2kparams)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AesDkCrypto

public AesDkCrypto(int length)
Method Detail

getKeySeedLength

protected int getKeySeedLength()
Specified by:
getKeySeedLength in class DkCrypto

stringToKey

public byte[] stringToKey(char[] password,
                          String salt,
                          byte[] s2kparams)
                   throws GeneralSecurityException
Throws:
GeneralSecurityException

randomToKey

protected byte[] randomToKey(byte[] in)
Specified by:
randomToKey in class DkCrypto

getCipher

protected Cipher getCipher(byte[] key,
                           byte[] ivec,
                           int mode)
                    throws GeneralSecurityException
Specified by:
getCipher in class DkCrypto
Throws:
GeneralSecurityException

getChecksumLength

public int getChecksumLength()
Specified by:
getChecksumLength in class DkCrypto

getHmac

protected byte[] getHmac(byte[] key,
                         byte[] msg)
                  throws GeneralSecurityException
Get the truncated HMAC

Specified by:
getHmac in class DkCrypto
Throws:
GeneralSecurityException

calculateChecksum

public byte[] calculateChecksum(byte[] baseKey,
                                int usage,
                                byte[] input,
                                int start,
                                int len)
                         throws GeneralSecurityException
Calculate the checksum

Overrides:
calculateChecksum in class DkCrypto
Throws:
GeneralSecurityException

encrypt

public byte[] encrypt(byte[] baseKey,
                      int usage,
                      byte[] ivec,
                      byte[] new_ivec,
                      byte[] plaintext,
                      int start,
                      int len)
               throws GeneralSecurityException,
                      KrbCryptoException
Performs encryption using derived key; adds confounder.

Overrides:
encrypt in class DkCrypto
ivec - initial vector to use when initializing the cipher; if null, then blocksize number of zeros are used,
new_ivec - if non-null, it is updated upon return to be the new ivec to use when calling encrypt next time
Throws:
GeneralSecurityException
KrbCryptoException

encryptRaw

public byte[] encryptRaw(byte[] baseKey,
                         int usage,
                         byte[] ivec,
                         byte[] plaintext,
                         int start,
                         int len)
                  throws GeneralSecurityException,
                         KrbCryptoException
Performs encryption using derived key; does not add confounder.

Overrides:
encryptRaw in class DkCrypto
Throws:
GeneralSecurityException
KrbCryptoException

decrypt

public byte[] decrypt(byte[] baseKey,
                      int usage,
                      byte[] ivec,
                      byte[] ciphertext,
                      int start,
                      int len)
               throws GeneralSecurityException
Overrides:
decrypt in class DkCrypto
Parameters:
baseKey - key from which keys are to be derived using usage
ciphertext - E(Ke, conf | plaintext | padding, ivec) | H1[1..h]
Throws:
GeneralSecurityException

decryptRaw

public byte[] decryptRaw(byte[] baseKey,
                         int usage,
                         byte[] ivec,
                         byte[] ciphertext,
                         int start,
                         int len)
                  throws GeneralSecurityException
Decrypts data using specified key and initial vector.

Overrides:
decryptRaw in class DkCrypto
Parameters:
baseKey - encryption key to use
ciphertext - encrypted data to be decrypted
usage - ignored
Throws:
GeneralSecurityException

readBigEndian

public static final int readBigEndian(byte[] data,
                                      int pos,
                                      int size)
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2013. All Rights Reserved.