• Home
• com.github.unbound-tech
• unbound-java-provider
• 2.0.2007.43779
• source code
• SecretKeyMac.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.unbound.provider.SecretKeyMac Maven / Gradle / Ivy

package com.unbound.provider;

import com.unbound.common.Log;
import com.unbound.provider.kmip.KMIP;
import com.unbound.provider.kmip.attribute.CryptoParams;
import com.unbound.provider.kmip.request.MACRequest;
import com.unbound.provider.kmip.response.MACResponse;

import javax.crypto.MacSpi;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.ProviderException;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Arrays;


public class SecretKeyMac extends MacSpi
{
  private int kmipAlg;
  private byte[] oneByte = null;
  private byte[] corr = null;
  private UBSecretKey secretKey = null;

  SecretKeyMac(int kmipAlg)
  {
    this.kmipAlg = kmipAlg;
  }

  // ------------------------ interface ------------------------

  @Override
  protected int engineGetMacLength()
  {
    switch (kmipAlg)
    {
      case KMIP.CryptographicAlgorithm.HMAC_SHA1   : return 20;
      case KMIP.CryptographicAlgorithm.HMAC_SHA256 : return 32;
      case KMIP.CryptographicAlgorithm.HMAC_SHA384 : return 48;
      case KMIP.CryptographicAlgorithm.HMAC_SHA512 : return 64;
    }
    return 0;
  }

  @Override
  protected void engineInit(Key key, AlgorithmParameterSpec algorithmParameterSpec) throws InvalidKeyException, InvalidAlgorithmParameterException
  {
    if (key==null) throw new InvalidKeyException("Invalid key");
    if (algorithmParameterSpec!=null) throw new InvalidAlgorithmParameterException("Parameters not supported");
    if (!(key instanceof UBSecretKey)) throw new InvalidKeyException("Invalid key type");
    UBSecretKey secretKey = (UBSecretKey)key;
    switch (secretKey.getKmipAlg())
    {
      case KMIP.CryptographicAlgorithm.HMAC_SHA1:
      case KMIP.CryptographicAlgorithm.HMAC_SHA256:
      case KMIP.CryptographicAlgorithm.HMAC_SHA384:
      case KMIP.CryptographicAlgorithm.HMAC_SHA512: break;
      default:                                      throw new InvalidKeyException("Invalid key type");
    }
    this.secretKey = secretKey;
  }

  @Override
  protected void engineUpdate(byte b)
  {
    if (oneByte == null) oneByte = new byte[1];
    oneByte[0] = b;
    engineUpdate(oneByte, 0, 1);
  }

  @Override
  protected void engineUpdate(byte[] input, int offset, int length)
  {
    int tagLen = engineGetMacLength();
    Log log = Log.func("SecretKeyMac.engineUpdate")
      .log("kmipAlg", kmipAlg)
      .log("tagLen", tagLen)
      .log("offset", offset)
      .log("length", length).end(); try
    {
      if (secretKey==null) throw new ProviderException("Key not initialized");
      MACRequest req = new MACRequest();
      req.corr = corr;
      req.data = Arrays.copyOfRange(input, offset, offset+length);
      req.initInd = corr==null;
      req.finalInd = false;
      req.uid = UBObject.uidToStr(secretKey.uid);
      req.params = new CryptoParams();
      req.params.cryptoAlg = kmipAlg;
      req.params.tagLength = tagLen;
      MACResponse resp;
      try
      {
        resp = (MACResponse) secretKey.partition.transmit(req);
      }
      catch (IOException e)
      {
        throw new ProviderException(e);
      }
      corr = resp.corr;
    }
    catch (Exception e) { log.failed(e); throw e; } finally { log.leave(); }
  }

  @Override
  protected byte[] engineDoFinal()
  {
    int tagLen = engineGetMacLength();
    Log log = Log.func("SecretKeyMac.engineUpdate").log("kmipAlg", kmipAlg).log("tagLen", tagLen).end(); try
    {
      if (secretKey==null) throw new ProviderException("Key not initialized");
      MACRequest req = new MACRequest();
      req.corr = corr;
      req.initInd = corr==null;
      req.finalInd = true;
      req.uid = UBObject.uidToStr(secretKey.uid);
      req.params = new CryptoParams();
      req.params.cryptoAlg = kmipAlg;
      req.params.tagLength = tagLen;
      MACResponse resp;
      try
      {
        resp = (MACResponse) secretKey.partition.transmit(req);
      }
      catch (IOException e)
      {
        throw new ProviderException(e);
      }

      engineReset();
      return resp.data;
    }
    catch (Exception e) { log.failed(e); throw e; } finally { log.leave(); }
  }

  @Override
  protected void engineReset()
  {
    corr = null;
  }

  // ---------------------------------- Sub-classes -----------------------

  public static final class HmacSHA1 extends SecretKeyMac
  {
    public HmacSHA1() { super(KMIP.CryptographicAlgorithm.HMAC_SHA1); }
  }

  public static final class HmacSHA256 extends SecretKeyMac
  {
    public HmacSHA256() { super(KMIP.CryptographicAlgorithm.HMAC_SHA256); }
  }

  public static final class HmacSHA384 extends SecretKeyMac
  {
    public HmacSHA384() { super(KMIP.CryptographicAlgorithm.HMAC_SHA384); }
  }

  public static final class HmacSHA512 extends SecretKeyMac
  {
    public HmacSHA512() { super(KMIP.CryptographicAlgorithm.HMAC_SHA512); }
  }

}