speed.java

jpeg2000编解码

// $Id: SPEED.java,v 1.1.1.1 2002/08/27 12:32:10 grosbois Exp $
//
// $Log: SPEED.java,v $
// Revision 1.1.1.1  2002/08/27 12:32:10  grosbois
// Add cryptix 3.2
//
// Revision 1.6  2000/08/17 11:40:51  edwin
// java.* -> xjava.*
//
// Revision 1.5  1997/12/09 04:43:45  hopwood
// + Various.
//
// Revision 1.4  1997/11/29 17:49:03  hopwood
// + Committed changes below.
//
// Revision 1.3.1  1997/11/29  hopwood
// + Changed parameter objects to be Integers, rather than decimal Strings.
//
// Revision 1.3  1997/11/29 04:42:56  hopwood
// + Changes to engineUpdate method.
//
// Revision 1.2  1997/11/20 19:31:40  hopwood
// + cryptix.util.* name changes.
//
// Revision 1.1.1.1  1997/11/03 22:36:56  hopwood
// + Imported to CVS (tagged as 'start').
//
// Revision 0.3.2.1  1997/09/18  David Hopwood
// + Fixed missing import of Cipher.
// + Replaced the constructors that take block size and number of rounds
//   with properties.
// + Changed native_crypt signature to pass the block size and number of
//   rounds.
//
// Revision 0.3.2.0  1997/09/06  David Hopwood
// + Removed all deprecated methods and fields. Cryptix 2.2 compatibility
//   is now handled by the separate cryptix.security.SPEED class.
// + Ensured that this class is final, and added a comment that this is for
//   security reasons.
//   If it were not final, some VMs have a bug that would allow a subclass
//   that implements Cloneable to call Object's or Cipher's clone() method
//   using invokenonvirtual, which would duplicate the pointer to the native
//   state. Then calling finalize() on the original and using the clone (for
//   example) would result in freed memory being written to :-(.
// + Native linking and debugging brought up to date with Blowfish 3.2.0
//   (hence the jump in version number).
// + Documentation changes.
//
// Revision 0.1.0.1  1997/04/20  Systemics Ltd
// + Minimal self_test().
//
// Revision 0.1.0.0  1997/04/01  Systemics Ltd
// + Original version, as released.
//
// $Endlog$
/*
 * Copyright (c) 1997 Systemics Ltd
 * on behalf of the Cryptix development team.  All rights reserved.
 */

package cryptix.provider.cipher;

import cryptix.util.core.Debug;
import cryptix.CryptixException;
import cryptix.util.core.ArrayUtil;
import cryptix.util.core.Hex;
import cryptix.provider.key.RawSecretKey;

import java.io.PrintWriter;
import xjava.security.Cipher;
import java.security.Key;
import java.security.InvalidKeyException;
import java.security.InvalidParameterException;
import xjava.security.InvalidParameterTypeException;
import xjava.security.NoSuchParameterException;
import java.security.Security;
import xjava.security.SymmetricCipher;

/**
 * SPEED is a block cipher with variable key size, data block size and number
 * of rounds (in the style of RC5).
 * <P>
 * These parameters are set as follows:
 * <ul>
 *   <li> The key size is taken from the encoded form of the key passed to
 *        <code>initEncrypt</code> or <code>initDecrypt</code>. It can be
 *        any even number of bytes from 6 to 32 (6, 8, 10, ... 32).
 *        <p>
 *   <li> The length of the data block defaults to the value of the parameter
 *        "Alg.blockSize.SPEED", or 8 bytes (c.f. IDEA and DES) if that parameter
 *        is not found.
 *        It can be set by calling setBlockSize(), and can be 8, 16, or 32 bytes.
 *        <p>
 *   <li> The number of rounds defaults to the value of the parameter
 *        "Alg.rounds.SPEED", or 64 (which gives 'adequate' security according
 *        to the paper below) if that parameter is not found.
 *        It can be set by calling setRounds(), and can be any number from 32
 *        upwards, divisible by 4 (32, 36, ...).
 * </ul>
 * <p>
 * These are recommended settings for 'adequate' security:
 * <pre>
 *    +--------------------------------------------------+
 *    |   block size   |   key length   |     rounds     |
 *    |==================================================|
 *    |       8        |      >= 8      |     >= 64      |
 *    |--------------------------------------------------|
 *    |      16        |      >= 8      |     >= 48      |
 *    |--------------------------------------------------|
 *    |      32        |      >= 8      |     >= 48      |
 *    +--------------------------------------------------+
 * </pre>
 * <p>
 * SPEED was designed by <a href="mailto:yzheng@fcit.monash.edu.au">Yuliang Zheng</a>,
 * and is in the public domain.
 * <p>
 * <b>References:</b>
 * <ol>
 *   <li> <a href="http://pscit-www.fcit.monash.edu.au/~yuliang/">Y. Zheng</a>
 *        "The SPEED Cipher,"
 *        <cite>Proceedings of Financial Cryptography 97</cite>,
 *        Springer-Verlag (forthcoming).
 *        FC97 held at Anguilla, BWI, 24-28 February 1997.
 * </ol>
 * <p>
 * <b>Copyright</b> &copy; 1997
 * <a href="http://www.systemics.com/">Systemics Ltd</a> on behalf of the
 * <a href="http://www.systemics.com/docs/cryptix/">Cryptix Development Team</a>.
 * <br>All rights reserved.
 * <p>
 * <b>$Revision: 1.1.1.1 $</b>
 * @author  Systemics Ltd
 * @author  David Hopwood
 * @since   Cryptix 2.2.2
 */
public final class SPEED // must be final for security reasons
extends Cipher
implements SymmetricCipher
{

// Debugging methods and vars.
//...........................................................................

    private static final boolean DEBUG = Debug.GLOBAL_DEBUG;
    private static final boolean DEBUG_SLOW = Debug.GLOBAL_DEBUG_SLOW;
    private static final int debuglevel = DEBUG ? Debug.getLevel("SPEED") : 0;
    private static final PrintWriter err = DEBUG ? Debug.getOutput() : null;
    private static void debug(String s) { err.println("SPEED: " + s); }


// Native library linking methods and vars.
//...........................................................................

    private static NativeLink linkStatus = new NativeLink("SPEED", 2, 3);

    /**
     * Gets an object representing the native linking status of this class.
     */
    public static cryptix.util.core.LinkStatus getLinkStatus() { return linkStatus; }

    /**
     * The native reference to the current native key schedule
     * structure. Defaults to 0 but is set by native code after a
     * successful call to native_init().
     * <p>
     * IMPORTANT: Do not change the name of this variable without
     * duplicating the same in the native code.
     */
    private long native_cookie;

    /**
     * This object must be synchronized on while calling any native instance
     * method. It is null if the native code is not being used (e.g. the
     * library did not load successfully, or the user disabled its use in
     * the properties file).
     */
    private Object native_lock; // defaults to null

    private void link() {
        synchronized(linkStatus) {
            try {
                if (linkStatus.attemptLoad()) {
                    linkStatus.checkVersion(getLibMajorVersion(), getLibMinorVersion());
                    linkStatus.check(native_clinit());
                }
                if (linkStatus.useNative()) {
                    linkStatus.check(native_init());
                    native_lock = new Object();
                }
            } catch (UnsatisfiedLinkError e) {
                linkStatus.fail(e);
if (DEBUG && debuglevel > 2) debug(e.getMessage());
            }
if (DEBUG && debuglevel > 2) debug("Using native library? " + (native_lock != null));
        }
    }


// Native support API
//...........................................................................

    // The methods that get the library version.
    private native static int getLibMajorVersion();
    private native static int getLibMinorVersion();

    /**
     * Static initialization and self-test method for the native code.
     *
     * @return a string if an error occurred or null otherwise.
     */
    private native String native_clinit();

    /**
     * Initializes the native state for this cipher object and allocates
     * needed native storage for the internal key schedule. A reference
     * to the newly allocated space, if successful, is stored in the
     * instance variable <code>native_cookie</code>.
     *
     * @return a string if an error occurred or null otherwise.
     */
    private native String native_init();

    /**
     * This function expands the user key to an internal form.
     *
     * @param  cookie   a valid reference to the native key structure. This
     *                  value is set by the native library upon return from
     *                  native_init() (see link() method at the top).
     * @param  userKey  a byte array representing the user key
     * @return an error String, or null if there was no error
     */
    private native String native_ks(long cookie, byte[] userKey);

    // if schedule is done in Java:
    //   (long cookie, int key_bits, int data_bits,
    //    int s0, int s1, int s2, int f_wd_len, int h_wd_len,
    //    int f_wd_mask, int h_wd_mask, int v_shift, int kb_bits,
    //    int[] round_key, int key_len_dbyte);

    /**
     * Encrypts/decrypts a data block.
     * <p>
     * FUTURE: possibly change this to be able to process more than one block,
     * to reduce native method call overhead.
     * <p>
     * SECURITY: the caller <strong>must</strong> ensure that:
     * <ul>
     *   <li> <code>in != null</code>
     *   <li> <code>out != null</code>
     *   <li> <code>inOffset >= 0</code>
     *   <li> <code>(long)inOffset + block_size <= in.length</code>
     *   <li> <code>outOffset >= 0</code>
     *   <li> <code>(long)outOffset + block_size <= out.length</code>
     * </ul>
     *
     * @param  cookie       a valid reference to the native key structure. This
     *                      value is set by the native library upon return from
     *                      native_init() (see link() method at the top).
     * @param  in           input array containing data to encrypt or decrypt
     *                      depending on the value of the encrypt boolean parameter.
     * @param  inOffset     index of where we should start reading from input.
     * @param  out          output array containing data decrypted or encrypted
     *                      depending on the value of the encrypt boolean parameter.
     * @param  outOffset    index of where we should start writing to output.
     * @param  encrypt      if true then encrypt, otherwise decrypt.
     * @param  rounds       the number of rounds.
     * @param  blocksize    the block size in bytes.
     * @return the number of bytes crypted (always blocksize) or 0 if an error
     *                      occurred.
     */
    private native int native_crypt(long cookie, byte[] in, int inOffset,
                                    byte[] out, int outOffset, boolean encrypt,
                                    int rounds, int blocksize);

    /**
     * Finalizes the native state for this object.
     *
     * @return a string if an error occurred or null otherwise.
     */
    private native String native_finalize();


// SPEED constants and variables
//...........................................................................

    private static final int
        MIN_NOF_ROUNDS = 32,            // minimum number of rounds for SPEED
        MIN_USER_KEY_LENGTH =  48 / 8,  // given in bytes from a value in bits
        MAX_USER_KEY_LENGTH = 256 / 8;  // given in bytes from a value in bits

    //
    // Defaults are set to the same as IDEA, e.g. 16 key and 8 data bytes.
    // However, the real key length is taken from the key provided.
    //
    private int
        key_length = 16,    // in bytes
        rounds = 64,        // 'adequate' security, c.f. paper
        block_size = 8;     // in bytes

    //
    // Names ending in _bits refer to number of bits; those ending in _len
    // refer to number of bytes. Other names are taken from the C reference code.
    //
    // Note that as ints, some of these might give trouble with 256 bit
    // data blocks, as the full 32 bits are used.
    //
    private int key_bits;       // is key_length * 8
    private int data_bits;      // is block_size * 8
    private int s0, s1, s2;     // taken from sqrt(15) and key_length
    private int f_wd_len;
    private int h_wd_len;
    private int f_wd_mask;      // long ?? if data_bits == 256
    private int h_wd_mask;
    private int v_shift;
    private int kb_bits;
    private int[] round_key;    // the internal key buffer
    private int key_len_dbyte;


// Constructor, finalizer, and clone()
//...........................................................................

    /**
     * Constructs a SPEED cipher object, in the UNINITIALIZED state.
     * This calls the Cipher constructor with <i>implBuffering</i> false,
     * <i>implPadding</i> false and the provider set to "Cryptix".
     */
    public SPEED() {
        super(false, false, "Cryptix");
        link();

        try {
            String ps = Security.getAlgorithmProperty("SPEED", "rounds");
            if (ps != null) setRounds(Integer.parseInt(ps));
        } catch (Exception e) {
if (DEBUG && debuglevel > 0) debug("Could not set number of rounds");
        }
        try {
            String ps = Security.getAlgorithmProperty("SPEED", "blockSize");
            if (ps != null) setBlockSize(Integer.parseInt(ps));
        } catch (Exception e) {
if (DEBUG && debuglevel > 0) debug("Could not set block size");
        }
    }

    /**
     * Cleans up resources used by this instance, if necessary.