-rw-r--r-- | ChangeLog | 19 | ||||
-rw-r--r-- | gnu/javax/crypto/keyring/PasswordAuthenticatedEntry.java | 102 | ||||
-rw-r--r-- | gnu/javax/crypto/keyring/PasswordEncryptedEntry.java | 51 | ||||
-rw-r--r-- | gnu/javax/crypto/keyring/PrimitiveEntry.java | 5 |
4 files changed, 112 insertions, 65 deletions
@@ -1,5 +1,24 @@ 2006-05-07 Raif S. Naffah <raif@swiftdsl.com.au> + * gnu/javax/crypto/keyring/PrimitiveEntry.java (PrimitiveEntry): + Use instance's field creationDate not the constructor's argument. + * gnu/javax/crypto/keyring/PasswordEncryptedEntry.java: + Removed unused imports. + Sorted imports. + (log): New field. + (decrypt): Added trace/debug/timing statements. + (encrypt): Likewise. + Use PRNG instead of instantiating every time a new SecureRandom. + * gnu/javax/crypto/keyring/PasswordAuthenticatedEntry.java: + Removed unused imports. + Sorted imports. + (log): New field. + (verify): Added trace/debug/timing statements. + (authenticate): Likewise. + Use PRNG instead of instantiating every time a new SecureRandom. + +2006-05-07 Raif S. Naffah <raif@swiftdsl.com.au> + * gnu/classpath/debug/Simple1LineFormatter.java (DAT_FORMAT): Removed. (THREAD_FORMAT): Likewise. (dateFormat): Added field. diff --git a/gnu/javax/crypto/keyring/PasswordAuthenticatedEntry.java b/gnu/javax/crypto/keyring/PasswordAuthenticatedEntry.java index 2e3a0d145..4e7e49a0b 100644 --- a/gnu/javax/crypto/keyring/PasswordAuthenticatedEntry.java +++ b/gnu/javax/crypto/keyring/PasswordAuthenticatedEntry.java @@ -41,6 +41,7 @@ package gnu.javax.crypto.keyring; import gnu.java.security.Registry; import gnu.java.security.prng.IRandom; import gnu.java.security.prng.LimitReachedException; +import gnu.java.security.util.PRNG; import gnu.java.security.util.Util; import gnu.javax.crypto.mac.IMac; import gnu.javax.crypto.mac.MacFactory; @@ -55,10 +56,10 @@ import java.io.DataInputStream; import java.io.DataOutputStream; import java.io.IOException; import java.security.InvalidKeyException; -import java.security.SecureRandom; import java.util.Arrays; -import java.util.Iterator; import java.util.HashMap; +import java.util.Iterator; +import java.util.logging.Logger; /** * <p>An entry authenticated with a password-based MAC.</p> 
@@ -66,10 +67,10 @@ import java.util.HashMap; public final class PasswordAuthenticatedEntry extends MaskableEnvelopeEntry implements PasswordProtectedEntry, Registry { - // Constants and variables // ------------------------------------------------------------------------- + private static final Logger log = Logger.getLogger(PasswordAuthenticatedEntry.class.getName()); public static final int TYPE = 3; // Constructor(s) 
@@ -145,54 +146,63 @@ public final class PasswordAuthenticatedEntry extends MaskableEnvelopeEntry public void verify(char[] password) { - if (!isMasked() || payload == null) - { - return; - } - IMac m = null; - try - { - m = getMac(password); - } - catch (Exception x) - { - throw new IllegalArgumentException(x.toString()); - } + log.entering(this.getClass().getName(), "verify", String.valueOf(password)); + long tt = - System.currentTimeMillis(); - m.update(payload, 0, payload.length - m.macSize()); - byte[] macValue = new byte[m.macSize()]; - System.arraycopy(payload, payload.length - macValue.length, macValue, 0, - macValue.length); - if (!Arrays.equals(macValue, m.digest())) - { - throw new IllegalArgumentException("MAC verification failed"); - } - try - { - DataInputStream in = new DataInputStream( - new ByteArrayInputStream( - payload, - 0, - payload.length - - m.macSize())); - decodeEnvelope(in); - } - catch (IOException ioe) + if (isMasked() && payload != null) { - throw new IllegalArgumentException("malformed keyring fragment"); + IMac m = null; + try + { + m = getMac(password); + } + catch (Exception x) + { + throw new IllegalArgumentException(x.toString(), x); + } + + int limit = payload.length - m.macSize(); + m.update(payload, 0, limit); + byte[] macValue = new byte[m.macSize()]; + System.arraycopy(payload, payload.length - macValue.length, macValue, 0, + macValue.length); + if (! 
Arrays.equals(macValue, m.digest())) + throw new IllegalArgumentException("MAC verification failed"); + + ByteArrayInputStream bais; + try + { + bais = new ByteArrayInputStream(payload, 0, limit); + DataInputStream in = new DataInputStream(bais); + decodeEnvelope(in); + } + catch (IOException ioe) + { + throw new IllegalArgumentException("malformed keyring fragment"); + } + setMasked(false); + payload = null; } - setMasked(false); - payload = null; + + tt += System.currentTimeMillis(); + log.finer("Verified in " + tt + "ms."); + log.exiting(this.getClass().getName(), "verify"); } public void authenticate(char[] password) throws IOException { + log.entering(this.getClass().getName(), "authenticate", + String.valueOf(password)); + long tt = - System.currentTimeMillis(); + long t1 = - System.currentTimeMillis(); + if (isMasked()) - { - throw new IllegalStateException("entry is masked"); - } + throw new IllegalStateException("entry is masked"); + byte[] salt = new byte[8]; - new SecureRandom ().nextBytes (salt); + PRNG.getInstance().nextBytes(salt); + t1 += System.currentTimeMillis(); + log.finer("-- Generated salt in " + t1 + "ms."); properties.put("salt", Util.toString(salt)); IMac m = getMac(password); ByteArrayOutputStream bout = new ByteArrayOutputStream(1024); @@ -201,10 +211,18 @@ public final class PasswordAuthenticatedEntry extends MaskableEnvelopeEntry for (Iterator it = entries.iterator(); it.hasNext();) { Entry entry = (Entry) it.next(); + log.finer("-- About to authenticate one " + entry); + t1 = - System.currentTimeMillis(); entry.encode(out2); + t1 += System.currentTimeMillis(); + log.finer("-- Authenticated an Entry in " + t1 + "ms."); } bout.write(m.digest()); payload = bout.toByteArray(); + + tt += System.currentTimeMillis(); + log.finer("Authenticated in " + tt + "ms."); + log.exiting(this.getClass().getName(), "authenticate"); } public void encode(DataOutputStream out, char[] password) throws IOException 
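Review bot: The new `log.entering(this.getClass().getName(), "verify", String.valueOf(password))` call at the top of `verify`, and its twin in `authenticate`, writes the keyring password in clear text to any handler attached at FINER level. `String.valueOf(char[])` also leaves an immutable copy of the password on the heap that cannot be wiped. The same call is added to `decrypt` and `encrypt` in PasswordEncryptedEntry.java. Trace the method without the parameter instead, e.g. `log.entering(this.getClass().getName(), "verify");`. Separately, the MAC check carried over in `verify`, `Arrays.equals(macValue, m.digest())`, can stop at the first differing byte; a comparison that always scans the full length would avoid leaking timing information.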
diff --git a/gnu/javax/crypto/keyring/PasswordEncryptedEntry.java b/gnu/javax/crypto/keyring/PasswordEncryptedEntry.java index 26b4032bd..d67ef0e0a 100644 --- a/gnu/javax/crypto/keyring/PasswordEncryptedEntry.java +++ b/gnu/javax/crypto/keyring/PasswordEncryptedEntry.java @@ -41,8 +41,8 @@ package gnu.javax.crypto.keyring; import gnu.java.security.Registry; import gnu.java.security.prng.IRandom; import gnu.java.security.prng.LimitReachedException; +import gnu.java.security.util.PRNG; import gnu.java.security.util.Util; - import gnu.javax.crypto.cipher.CipherFactory; import gnu.javax.crypto.cipher.IBlockCipher; import gnu.javax.crypto.mode.IMode; @@ -58,16 +58,10 @@ import java.io.ByteArrayOutputStream; import java.io.DataInputStream; import java.io.DataOutputStream; import java.io.IOException; - import java.security.InvalidKeyException; -import java.security.SecureRandom; - -import java.util.Arrays; -import java.util.Collections; -import java.util.Date; -import java.util.Iterator; import java.util.HashMap; -import java.util.List; +import java.util.Iterator; +import java.util.logging.Logger; /** * An envelope that is encrypted with a password-derived key. @@ -75,10 +69,10 @@ import java.util.List; public class PasswordEncryptedEntry extends MaskableEnvelopeEntry implements PasswordProtectedEntry, Registry { - // Constants and fields. // ------------------------------------------------------------------------ + private static final Logger log = Logger.getLogger(PasswordEncryptedEntry.class.getName()); public static final int TYPE = 1; // Constructors. 
@@ -138,10 +132,12 @@ public class PasswordEncryptedEntry extends MaskableEnvelopeEntry implements public void decrypt(char[] password) throws IllegalArgumentException, WrongPaddingException { + log.entering(this.getClass().getName(), "decrypt", String.valueOf(password)); + long tt = - System.currentTimeMillis(); + if (!isMasked() || payload == null) - { - return; - } + return; + IMode mode = getMode(password, IMode.DECRYPTION); IPad padding = PadFactory.getInstance("PKCS7"); padding.init(mode.currentBlockSize()); @@ -153,12 +149,9 @@ public class PasswordEncryptedEntry extends MaskableEnvelopeEntry implements count += mode.currentBlockSize(); } int padlen = padding.unpad(buf, 0, buf.length); - DataInputStream in = new DataInputStream( - new ByteArrayInputStream( - buf, - 0, - buf.length - - padlen)); + ByteArrayInputStream baos = new ByteArrayInputStream(buf, 0, + buf.length - padlen); + DataInputStream in = new DataInputStream(baos); try { decodeEnvelope(in); @@ -169,12 +162,22 @@ public class PasswordEncryptedEntry extends MaskableEnvelopeEntry implements } setMasked(false); payload = null; + + tt += System.currentTimeMillis(); + log.finer("Decrypted in " + tt + "ms."); + log.exiting(this.getClass().getName(), "decrypt"); } public void encrypt(char[] password) throws IOException { + log.entering(this.getClass().getName(), "encrypt", String.valueOf(password)); + long tt = - System.currentTimeMillis(); + long t1 = - System.currentTimeMillis(); + byte[] salt = new byte[8]; - new SecureRandom ().nextBytes (salt); + PRNG.getInstance().nextBytes(salt); + t1 += System.currentTimeMillis(); + log.finer("-- Generated salt in " + t1 + "ms."); properties.put("salt", Util.toString(salt)); IMode mode = getMode(password, IMode.ENCRYPTION); IPad pad = PadFactory.getInstance("PKCS7"); 
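Review bot: In `decrypt`, the early `return` for an entry that is not masked now sits after `log.entering`, so that path never reaches the `log.exiting` and timing lines added at the end of the method (which is in a later hunk). `verify` in PasswordAuthenticatedEntry.java was restructured in this same commit to wrap the work in `if (isMasked() && payload != null) { ... }`, which keeps entry and exit traces balanced. Doing the same here would make the two methods consistent.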
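Review bot: The local `ByteArrayInputStream baos` is misnamed: `baos` conventionally abbreviates ByteArrayOutputStream, and the equivalent variable in `verify` is called `bais`. Rename it so the two methods read the same: `ByteArrayInputStream bais = new ByteArrayInputStream(buf, 0, buf.length - padlen);`. The enclosing `decrypt` body starts and ends outside this hunk.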
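Review bot: `PRNG.getInstance().nextBytes(salt)` in `encrypt` (and the same line in `authenticate` in PasswordAuthenticatedEntry.java) makes the salt depend on a shared generator whose seeding and thread-safety cannot be seen from this diff. The salt feeds the password-derived key, so a generator that is predictably seeded, or that replays output across JVM starts, would let salts repeat and defeat their purpose. A comment at the call site would record the assumption being made, e.g. `// PRNG must be seeded from a strong entropy source; salt must be unique per entry`. It would also help to confirm that concurrent callers cannot interleave on the shared instance.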
@@ -184,7 +187,11 @@ public class PasswordEncryptedEntry extends MaskableEnvelopeEntry implements for (Iterator it = entries.iterator(); it.hasNext();) { Entry entry = (Entry) it.next(); + log.finer("-- About to encode one " + entry); + t1 = - System.currentTimeMillis(); entry.encode(out2); + t1 += System.currentTimeMillis(); + log.finer("-- Encoded an Entry in " + t1 + "ms."); } byte[] plaintext = bout.toByteArray(); byte[] padding = pad.pad(plaintext, 0, plaintext.length); @@ -200,6 +207,10 @@ public class PasswordEncryptedEntry extends MaskableEnvelopeEntry implements count += mode.currentBlockSize(); } mode.update(lastBlock, 0, payload, count); + + tt += System.currentTimeMillis(); + log.finer("Encrypted in " + tt + "ms."); + log.exiting(this.getClass().getName(), "encrypt"); } public void encode(DataOutputStream out, char[] password) throws IOException diff --git a/gnu/javax/crypto/keyring/PrimitiveEntry.java b/gnu/javax/crypto/keyring/PrimitiveEntry.java index 4c9ff0ff1..f5e63e996 100644 --- a/gnu/javax/crypto/keyring/PrimitiveEntry.java +++ b/gnu/javax/crypto/keyring/PrimitiveEntry.java @@ -69,10 +69,9 @@ public abstract class PrimitiveEntry extends Entry if (!this.properties.containsKey("alias") || this.properties.get("alias").length() == 0) { - throw new IllegalArgumentException( - "primitive entries MUST have an alias"); + throw new IllegalArgumentException("primitive entries MUST have an alias"); } - this.properties.put("creation-date", String.valueOf(creationDate.getTime())); + this.properties.put("creation-date", String.valueOf(this.creationDate.getTime())); } protected PrimitiveEntry(int type) |
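Review bot: `log.finer("-- About to encode one " + entry)` builds its message, and so calls `entry.toString()`, on every loop iteration even when FINER is disabled. What that string contains for key-bearing entries is not visible here and should be checked before it reaches a log. Guarding the per-entry trace avoids both concerns: wrap the two `log.finer` calls in `if (log.isLoggable(Level.FINER))`, with `java.util.logging.Level` imported. The same pattern is added to the loop in `authenticate` in PasswordAuthenticatedEntry.java.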