Produced by Araxis Merge on 9/25/2018 2:13:23 PM Central Daylight Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.
# | Location | File | Last Modified |
---|---|---|---|
1 | build 3.zip\build 3\MHLTH_YS_137_Source\JavaScript\resources\javaJDF-1.8.0\src\sun\security\krb5\internal\crypto\dk | Des3DkCrypto.java | Mon Jan 22 14:46:54 2018 UTC |
2 | build 3.zip\build 3\MHLTH_YS_137_Source\JavaScript\resources\javaJDF-1.8.0\src\sun\security\krb5\internal\crypto\dk | Des3DkCrypto.java | Wed Sep 12 17:52:46 2018 UTC |
Description | Between Files 1 and 2 |
|
---|---|---|
Text Blocks | Lines | |
Unchanged | 5 | 438 |
Changed | 4 | 8 |
Inserted | 0 | 0 |
Removed | 0 | 0 |
Whitespace | |
---|---|
Character case | Differences in character case are significant |
Line endings | Differences in line endings (CR and LF characters) are ignored |
CR/LF characters | Not shown in the comparison detail |
No regular expressions were active.
1 | /* | |
2 | * Copyrig ht (c) 200 4, 2009, O racle and/ or its aff iliates. A ll rights reserved. | |
3 | * DO NOT ALTER OR R EMOVE COPY RIGHT NOTI CES OR THI S FILE HEA DER. | |
4 | * | |
5 | * This co de is free software; you can r edistribut e it and/o r modify i t | |
6 | * under t he terms o f the GNU General Pu blic Licen se version 2 only, a s | |
7 | * publish ed by the Free Softw are Founda tion. Ora cle design ates this | |
8 | * particu lar file a s subject to the "Cl asspath" e xception a s provided | |
9 | * by Orac le in the LICENSE fi le that ac companied this code. | |
10 | * | |
11 | * This co de is dist ributed in the hope that it wi ll be usef ul, but WI THOUT | |
12 | * ANY WAR RANTY; wit hout even the implie d warranty of MERCHA NTABILITY or | |
13 | * FITNESS FOR A PAR TICULAR PU RPOSE. Se e the GNU General Pu blic Licen se | |
14 | * version 2 for mor e details (a copy is included in the LIC ENSE file that | |
15 | * accompa nied this code). | |
16 | * | |
17 | * You sho uld have r eceived a copy of th e GNU Gene ral Public License v ersion | |
18 | * 2 along with this work; if not, write to the Fr ee Softwar e Foundati on, | |
19 | * Inc., 5 1 Franklin St, Fifth Floor, Bo ston, MA 0 2110-1301 USA. | |
20 | * | |
21 | * Please contact Or acle, 500 Oracle Par kway, Redw ood Shores , CA 94065 USA | |
22 | * or visi t www.orac le.com if you need a dditional informatio n or have any | |
23 | * questio ns. | |
24 | */ | |
25 | ||
26 | package su n.security .krb5.inte rnal.crypt o.dk; | |
27 | ||
28 | import jav ax.crypto. Cipher; | |
29 | import jav ax.crypto. Mac; | |
30 | import jav ax.crypto. SecretKeyF actory; | |
31 | import jav ax.crypto. SecretKey; | |
32 | import jav ax.crypto. spec.Secre tKeySpec; | |
33 | import jav ax.crypto. spec.DESKe ySpec; | |
34 | import jav ax.crypto. spec.DESed eKeySpec; | |
35 | import jav ax.crypto. spec.IvPar ameterSpec ; | |
36 | import jav a.security .spec.KeyS pec; | |
37 | import jav a.security .GeneralSe curityExce ption; | |
38 | import jav a.security .InvalidKe yException ; | |
39 | import jav a.util.Arr ays; | |
40 | ||
41 | public cla ss Des3DkC rypto exte nds DkCryp to { | |
42 | ||
43 | privat e static f inal byte[ ] ZERO_IV = new byte [] {0, 0, 0, 0, 0, 0 , 0, 0}; | |
44 | ||
45 | public Des3DkCry pto() { | |
46 | } | |
47 | ||
48 | protec ted int ge tKeySeedLe ngth() { | |
49 | re turn 168; // bits; 3DES key material h as 21 byte s | |
50 | } | |
51 | ||
52 | public byte[] st ringToKey( char[] sal t) throws GeneralSec urityExcep tion { | |
53 | by te[] saltU tf8 = null ; | |
54 | tr y { | |
55 | saltUtf8 = charToU tf8(salt); | |
56 | return s tringToKey (saltUtf8, null); | |
57 | } finally { | |
58 | if (salt Utf8 != nu ll) { | |
59 | Arra ys.fill(sa ltUtf8, (b yte)0); | |
60 | } | |
61 | // Calle r responsi ble for cl earing its own salt | |
62 | } | |
63 | } | |
64 | ||
65 | private by te[] strin gToKey(byt e[] PW AndSalt, b yte[] opaq ue) | |
66 | th rows Gener alSecurity Exception { | |
67 | ||
68 | if (opaque ! = null && opaque.len gth > 0) { | |
69 | throw ne w RuntimeE xception(" Invalid pa rameter to stringToK ey"); | |
70 | } | |
71 | ||
72 | byte[] tmp Key = rand omToKey(nf old( PW AndSalt, g etKeySeedL ength())); | |
73 | re turn dk(tm pKey, KERB EROS_CONST ANT); | |
74 | } | |
75 | ||
76 | public byte[] pa rityFix(by te[] value ) | |
77 | th rows Gener alSecurity Exception { | |
78 | // fix key p arity | |
79 | se tParityBit (value); | |
80 | re turn value ; | |
81 | } | |
82 | ||
83 | /* | |
84 | * Fro m RFC 3961 . | |
85 | * | |
86 | * The 168 bits of random key data a re convert ed to a pr otocol key value | |
87 | * as follows. First, the 168 bits are divide d into thr ee groups of 56 | |
88 | * bit s, which a re expande d individu ally into 64 bits as in des3Ex pand(). | |
89 | * Res ult is a 2 4 byte (19 2-bit) key . | |
90 | */ | |
91 | protec ted byte[] randomToK ey(byte[] in) { | |
92 | if (in.lengt h != 21) { | |
93 | throw ne w IllegalA rgumentExc eption("in put must b e 168 bits "); | |
94 | } | |
95 | ||
96 | by te[] one = keyCorrec tion(des3E xpand(in, 0, 7)); | |
97 | by te[] two = keyCorrec tion(des3E xpand(in, 7, 14)); | |
98 | by te[] three = keyCorr ection(des 3Expand(in , 14, 21)) ; | |
99 | ||
100 | by te[] key = new byte[ 24]; | |
101 | Sy stem.array copy(one, 0, key, 0, 8); | |
102 | Sy stem.array copy(two, 0, key, 8, 8); | |
103 | Sy stem.array copy(three , 0, key, 16, 8); | |
104 | ||
105 | re turn key; | |
106 | } | |
107 | ||
108 | privat e static b yte[] keyC orrection( byte[] key ) { | |
109 | // check for weak key | |
110 | tr y { | |
111 | if (DESK eySpec.isW eak(key, 0 )) { | |
112 | key[ 7] = (byte )(key[7] ^ 0xF0); | |
113 | } | |
114 | } catch (Inv alidKeyExc eption ex) { | |
115 | // swall ow, since it should never happ en | |
116 | } | |
117 | re turn key; | |
118 | } | |
119 | ||
120 | /** | |
121 | * Fro m RFC 3961 . | |
122 | * | |
123 | * Exp ands a 7-b yte array into an 8- byte array that cont ains parit y bits. | |
124 | * The 56 bits a re expande d into 64 bits as fo llows: | |
125 | * 1 2 3 4 5 6 7 p | |
126 | * 9 10 11 12 13 14 15 p | |
127 | * 1 7 18 19 20 21 22 23 p | |
128 | * 2 5 26 27 28 29 30 31 p | |
129 | * 3 3 34 35 36 37 38 39 p | |
130 | * 4 1 42 43 44 45 46 47 p | |
131 | * 4 9 50 51 52 53 54 55 p | |
132 | * 5 6 48 40 32 24 16 8 p | |
133 | * | |
134 | * (PI ,P2,...,P8 ) are rese rved for p arity bits computed on the pre ceding | |
135 | * sev en indepen dent bits and set so that the parity of the octet is odd, | |
136 | * i.e ., there i s an odd n umber of " 1" bits in the octet . | |
137 | * | |
138 | * @pa ram start index of s tarting by te (inclus ive) | |
139 | * @pa ram end in dex of end ing byte ( exclusive) | |
140 | */ | |
141 | privat e static b yte[] des3 Expand(byt e[] input, int start , int end) { | |
142 | if ((end - s tart) != 7 ) | |
143 | throw ne w IllegalA rgumentExc eption( | |
144 | "Inv alid lengt h of DES K ey Value:" + start + "," + end ); | |
145 | ||
146 | by te[] resul t = new by te[8]; | |
147 | by te last = 0; | |
148 | Sy stem.array copy(input , start, r esult, 0, 7); | |
149 | by te posn = 0; | |
150 | ||
151 | // Fill in l ast row | |
152 | fo r (int i = start; i < end; i++ ) { | |
153 | byte bit = (byte) (input[i]& 0x01); | |
154 | if (debu g) { | |
155 | Syst em.out.pri ntln(i + " : " + Inte ger.toHexS tring(inpu t[i]) + | |
156 | " bit= " + Integer.t oHexString (bit)); | |
157 | } | |
158 | ++posn; | |
159 | if (bit != 0) { | |
160 | last |= (bit<< posn); | |
161 | } | |
162 | } | |
163 | ||
164 | if (debug) { | |
165 | System.o ut.println ("last: " + Integer. toHexStrin g(last)); | |
166 | } | |
167 | re sult[7] = last; | |
168 | se tParityBit (result); | |
169 | re turn resul t; | |
170 | } | |
171 | ||
172 | /** | |
173 | * Set s the pari ty bit (0t h bit) in each byte so that ea ch byte | |
174 | * con tains an o dd number of 1's. | |
175 | */ | |
176 | privat e static v oid setPar ityBit(byt e[] key) { | |
177 | fo r (int i = 0; i < ke y.length; i++) { | |
178 | int b = key[i] & 0 xfe; | |
179 | b |= (In teger.bitC ount(b) & 1) ^ 1; | |
180 | key[i] = (byte) b; | |
181 | } | |
182 | } | |
183 | ||
184 | protec ted Cipher getCipher (byte[] ke y, byte[] ivec, int mode) | |
185 | th rows Gener alSecurity Exception { | |
186 | // NoSuchAlg orithExcep tion | |
187 | Se cretKeyFac tory facto ry = Secre tKeyFactor y.getInsta nce("desed e"); | |
188 | ||
189 | // InvalidKe yException | |
190 | Ke ySpec spec = new DES edeKeySpec (key, 0); | |
191 | ||
192 | // InvalidKe ySpecExcep tion | |
193 | SecretKey PW Key = fact ory.genera teSecret(s pec); | |
194 | ||
195 | // IV | |
196 | if (ivec == null) { | |
197 | ivec = Z ERO_IV; | |
198 | } | |
199 | ||
200 | // NoSuchAlg orithmExce ption, NoS uchPadding Exception | |
201 | // NoSuchPro viderExcep tion | |
202 | Ci pher ciphe r = Cipher .getInstan ce("DESede /CBC/NoPad ding"); | |
203 | Iv ParameterS pec encIv = new IvPa rameterSpe c(ivec, 0, ivec.leng th); | |
204 | ||
205 | // InvalidKe yException , InvalidA lgorithPar ameterExce ption | |
206 | cipher.ini t(mode, PW Key, encIv ); | |
207 | ||
208 | re turn ciphe r; | |
209 | } | |
210 | ||
211 | public int getCh ecksumLeng th() { | |
212 | re turn 20; // bytes | |
213 | } | |
214 | ||
215 | protec ted byte[] getHmac(b yte[] key, byte[] ms g) | |
216 | th rows Gener alSecurity Exception { | |
217 | ||
218 | Se cretKey ke yKi = new SecretKeyS pec(key, " HmacSHA1") ; | |
219 | Ma c m = Mac. getInstanc e("HmacSHA 1"); | |
220 | m. init(keyKi ); | |
221 | re turn m.doF inal(msg); | |
222 | } | |
223 | } |
Araxis Merge (but not the data content of this report) is Copyright © 1993-2016 Araxis Ltd (www.araxis.com). All rights reserved.