javax.crypto.Mac Maven / Gradle / Ivy
Show all versions of android-all Show documentation
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package javax.crypto;
import java.nio.ByteBuffer;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.ProviderException;
import java.security.Security;
import java.security.spec.AlgorithmParameterSpec;
import java.util.ArrayList;
import org.apache.harmony.security.fortress.Engine;
/**
* This class provides the public API for Message Authentication Code
* (MAC) algorithms.
*/
public class Mac implements Cloneable {
// The service name.
private static final String SERVICE = "Mac";
//Used to access common engine functionality
private static final Engine ENGINE = new Engine(SERVICE);
// Store used provider
private Provider provider;
// Provider that was requested during creation.
private final Provider specifiedProvider;
// Store used spi implementation
private MacSpi spiImpl;
// Store used algorithm name
private final String algorithm;
/**
* Lock held while the SPI is initializing.
*/
private final Object initLock = new Object();
// Store Mac state (initialized or not initialized)
private boolean isInitMac;
/**
* Creates a new {@code Mac} instance.
*
* @param macSpi
* the implementation delegate.
* @param provider
* the implementation provider.
* @param algorithm
* the name of the MAC algorithm.
*/
protected Mac(MacSpi macSpi, Provider provider, String algorithm) {
this.specifiedProvider = provider;
this.algorithm = algorithm;
this.spiImpl = macSpi;
this.isInitMac = false;
}
/**
* Returns the name of the MAC algorithm.
*
* @return the name of the MAC algorithm.
*/
public final String getAlgorithm() {
return algorithm;
}
/**
* Returns the provider of this {@code Mac} instance.
*
* @return the provider of this {@code Mac} instance.
*/
public final Provider getProvider() {
getSpi();
return provider;
}
/**
* Creates a new {@code Mac} instance that provides the specified MAC
* algorithm.
*
* @param algorithm
* the name of the requested MAC algorithm.
* @return the new {@code Mac} instance.
* @throws NoSuchAlgorithmException
* if the specified algorithm is not available by any provider.
* @throws NullPointerException
* if {@code algorithm} is {@code null} (instead of
* NoSuchAlgorithmException as in 1.4 release).
*/
public static final Mac getInstance(String algorithm)
throws NoSuchAlgorithmException {
return getMac(algorithm, null);
}
/**
* Creates a new {@code Mac} instance that provides the specified MAC
* algorithm from the specified provider.
*
* @param algorithm
* the name of the requested MAC algorithm.
* @param provider
* the name of the provider that is providing the algorithm.
* @return the new {@code Mac} instance.
* @throws NoSuchAlgorithmException
* if the specified algorithm is not provided by the specified
* provider.
* @throws NoSuchProviderException
* if the specified provider is not available.
* @throws IllegalArgumentException
* if the specified provider name is {@code null} or empty.
* @throws NullPointerException
* if {@code algorithm} is {@code null} (instead of
* NoSuchAlgorithmException as in 1.4 release).
*/
public static final Mac getInstance(String algorithm, String provider)
throws NoSuchAlgorithmException, NoSuchProviderException {
if (provider == null || provider.isEmpty()) {
throw new IllegalArgumentException("Provider is null or empty");
}
Provider impProvider = Security.getProvider(provider);
if (impProvider == null) {
throw new NoSuchProviderException(provider);
}
return getMac(algorithm, impProvider);
}
/**
* Creates a new {@code Mac} instance that provides the specified MAC
* algorithm from the specified provider. The {@code provider} supplied
* does not have to be registered.
*
* @param algorithm
* the name of the requested MAC algorithm.
* @param provider
* the provider that is providing the algorithm.
* @return the new {@code Mac} instance.
* @throws NoSuchAlgorithmException
* if the specified algorithm is not provided by the specified
* provider.
* @throws IllegalArgumentException
* if {@code provider} is {@code null}.
* @throws NullPointerException
* if {@code algorithm} is {@code null} (instead of
* NoSuchAlgorithmException as in 1.4 release).
*/
public static final Mac getInstance(String algorithm, Provider provider)
throws NoSuchAlgorithmException {
if (provider == null) {
throw new IllegalArgumentException("provider == null");
}
return getMac(algorithm, provider);
}
private static Mac getMac(String algorithm, Provider provider)
throws NoSuchAlgorithmException {
if (algorithm == null) {
throw new NullPointerException("algorithm == null");
}
boolean providerSupportsAlgorithm;
try {
providerSupportsAlgorithm = tryAlgorithm(null /* key */, provider, algorithm) != null;
} catch (InvalidKeyException e) {
throw new IllegalStateException("InvalidKeyException thrown when key == null", e);
}
if (!providerSupportsAlgorithm) {
if (provider == null) {
throw new NoSuchAlgorithmException("No provider found for " + algorithm);
} else {
throw new NoSuchAlgorithmException("Provider " + provider.getName()
+ " does not provide " + algorithm);
}
}
return new Mac(null, provider, algorithm);
}
/**
* @throws InvalidKeyException if the specified key cannot be used to
* initialize this mac.
*/
private static Engine.SpiAndProvider tryAlgorithm(
Key key, Provider provider, String algorithm) throws InvalidKeyException {
if (provider != null) {
Provider.Service service = provider.getService(SERVICE, algorithm);
if (service == null) {
return null;
}
return tryAlgorithmWithProvider(service);
}
ArrayList services = ENGINE.getServices(algorithm);
if (services == null || services.isEmpty()) {
return null;
}
boolean keySupported = false;
for (Provider.Service service : services) {
if (key == null || service.supportsParameter(key)) {
keySupported = true;
Engine.SpiAndProvider sap = tryAlgorithmWithProvider(service);
if (sap != null) {
return sap;
}
}
}
if (!keySupported) {
throw new InvalidKeyException("No provider supports the provided key");
}
return null;
}
private static Engine.SpiAndProvider tryAlgorithmWithProvider(Provider.Service service) {
try {
Engine.SpiAndProvider sap = ENGINE.getInstance(service, null);
if (sap.spi == null || sap.provider == null) {
return null;
}
if (!(sap.spi instanceof MacSpi)) {
return null;
}
return sap;
} catch (NoSuchAlgorithmException ignored) {
}
return null;
}
/**
* Makes sure a MacSpi that matches this type is selected.
*
* @throws InvalidKeyException if the specified key cannot be used to
* initialize this mac.
*/
private MacSpi getSpi(Key key) throws InvalidKeyException {
synchronized (initLock) {
if (spiImpl != null && provider != null && key == null) {
return spiImpl;
}
if (algorithm == null) {
return null;
}
final Engine.SpiAndProvider sap = tryAlgorithm(key, specifiedProvider, algorithm);
if (sap == null) {
throw new ProviderException("No provider for " + getAlgorithm());
}
/*
* Set our Spi if we've never been initialized or if we have the Spi
* specified and have a null provider.
*/
if (spiImpl == null || provider != null) {
spiImpl = (MacSpi) sap.spi;
}
provider = sap.provider;
return spiImpl;
}
}
/**
* Convenience call when the Key is not available.
*/
private MacSpi getSpi() {
try {
return getSpi(null);
} catch (InvalidKeyException e) {
throw new IllegalStateException("InvalidKeyException thrown when key == null", e);
}
}
/**
* Returns the {@code MacSpi} backing this {@code Mac} or {@code null} if no {@code MacSpi} is
* backing this {@code Mac}.
*
* @hide
*/
public MacSpi getCurrentSpi() {
synchronized (initLock) {
return spiImpl;
}
}
/**
* Returns the length of this MAC (in bytes).
*
* @return the length of this MAC (in bytes).
*/
public final int getMacLength() {
return getSpi().engineGetMacLength();
}
/**
* Initializes this {@code Mac} instance with the specified key and
* algorithm parameters.
*
* @param key
* the key to initialize this algorithm.
* @param params
* the parameters for this algorithm.
* @throws InvalidKeyException
* if the specified key cannot be used to initialize this
* algorithm, or it is null.
* @throws InvalidAlgorithmParameterException
* if the specified parameters cannot be used to initialize this
* algorithm.
*/
public final void init(Key key, AlgorithmParameterSpec params)
throws InvalidKeyException, InvalidAlgorithmParameterException {
if (key == null) {
throw new InvalidKeyException("key == null");
}
getSpi(key).engineInit(key, params);
isInitMac = true;
}
/**
* Initializes this {@code Mac} instance with the specified key.
*
* @param key
* the key to initialize this algorithm.
* @throws InvalidKeyException
* if initialization fails because the provided key is {@code
* null}.
* @throws RuntimeException
* if the specified key cannot be used to initialize this
* algorithm.
*/
public final void init(Key key) throws InvalidKeyException {
if (key == null) {
throw new InvalidKeyException("key == null");
}
try {
getSpi(key).engineInit(key, null);
isInitMac = true;
} catch (InvalidAlgorithmParameterException e) {
throw new RuntimeException(e);
}
}
/**
* Updates this {@code Mac} instance with the specified byte.
*
* @param input
* the byte
* @throws IllegalStateException
* if this MAC is not initialized.
*/
public final void update(byte input) throws IllegalStateException {
if (!isInitMac) {
throw new IllegalStateException();
}
getSpi().engineUpdate(input);
}
/**
* Updates this {@code Mac} instance with the data from the specified buffer
* {@code input} from the specified {@code offset} and length {@code len}.
*
* @param input
* the buffer.
* @param offset
* the offset in the buffer.
* @param len
* the length of the data in the buffer.
* @throws IllegalStateException
* if this MAC is not initialized.
* @throws IllegalArgumentException
* if {@code offset} and {@code len} do not specified a valid
* chunk in {@code input} buffer.
*/
public final void update(byte[] input, int offset, int len) throws IllegalStateException {
if (!isInitMac) {
throw new IllegalStateException();
}
if (input == null) {
return;
}
if ((offset < 0) || (len < 0) || ((offset + len) > input.length)) {
throw new IllegalArgumentException("Incorrect arguments."
+ " input.length=" + input.length
+ " offset=" + offset + ", len=" + len);
}
getSpi().engineUpdate(input, offset, len);
}
/**
* Copies the buffer provided as input for further processing.
*
* @param input
* the buffer.
* @throws IllegalStateException
* if this MAC is not initialized.
*/
public final void update(byte[] input) throws IllegalStateException {
if (!isInitMac) {
throw new IllegalStateException();
}
if (input != null) {
getSpi().engineUpdate(input, 0, input.length);
}
}
/**
* Updates this {@code Mac} instance with the data from the specified
* buffer, starting at {@link ByteBuffer#position()}, including the next
* {@link ByteBuffer#remaining()} bytes.
*
* @param input
* the buffer.
* @throws IllegalStateException
* if this MAC is not initialized.
*/
public final void update(ByteBuffer input) {
if (!isInitMac) {
throw new IllegalStateException();
}
if (input != null) {
getSpi().engineUpdate(input);
} else {
throw new IllegalArgumentException("input == null");
}
}
/**
* Computes the digest of this MAC based on the data previously specified in
* {@link #update} calls.
*
* This {@code Mac} instance is reverted to its initial state and can be
* used to start the next MAC computation with the same parameters or
* initialized with different parameters.
*
* @return the generated digest.
* @throws IllegalStateException
* if this MAC is not initialized.
*/
public final byte[] doFinal() throws IllegalStateException {
if (!isInitMac) {
throw new IllegalStateException();
}
return getSpi().engineDoFinal();
}
/**
* Computes the digest of this MAC based on the data previously specified in
* {@link #update} calls and stores the digest in the specified {@code
* output} buffer at offset {@code outOffset}.
*
* This {@code Mac} instance is reverted to its initial state and can be
* used to start the next MAC computation with the same parameters or
* initialized with different parameters.
*
* @param output
* the output buffer
* @param outOffset
* the offset in the output buffer
* @throws ShortBufferException
* if the specified output buffer is either too small for the
* digest to be stored, the specified output buffer is {@code
* null}, or the specified offset is negative or past the length
* of the output buffer.
* @throws IllegalStateException
* if this MAC is not initialized.
*/
public final void doFinal(byte[] output, int outOffset)
throws ShortBufferException, IllegalStateException {
if (!isInitMac) {
throw new IllegalStateException();
}
if (output == null) {
throw new ShortBufferException("output == null");
}
if ((outOffset < 0) || (outOffset >= output.length)) {
throw new ShortBufferException("Incorrect outOffset: " + outOffset);
}
MacSpi spi = getSpi();
int t = spi.engineGetMacLength();
if (t > (output.length - outOffset)) {
throw new ShortBufferException("Output buffer is short. Needed " + t + " bytes.");
}
byte[] result = spi.engineDoFinal();
System.arraycopy(result, 0, output, outOffset, result.length);
}
/**
* Computes the digest of this MAC based on the data previously specified on
* {@link #update} calls and on the final bytes specified by {@code input}
* (or based on those bytes only).
*
* This {@code Mac} instance is reverted to its initial state and can be
* used to start the next MAC computation with the same parameters or
* initialized with different parameters.
*
* @param input
* the final bytes.
* @return the generated digest.
* @throws IllegalStateException
* if this MAC is not initialized.
*/
public final byte[] doFinal(byte[] input) throws IllegalStateException {
if (!isInitMac) {
throw new IllegalStateException();
}
MacSpi spi = getSpi();
if (input != null) {
spi.engineUpdate(input, 0, input.length);
}
return spi.engineDoFinal();
}
/**
* Resets this {@code Mac} instance to its initial state.
*
* This {@code Mac} instance is reverted to its initial state and can be
* used to start the next MAC computation with the same parameters or
* initialized with different parameters.
*/
public final void reset() {
getSpi().engineReset();
}
/**
* Clones this {@code Mac} instance and the underlying implementation.
*
* @return the cloned instance.
* @throws CloneNotSupportedException
* if the underlying implementation does not support cloning.
*/
@Override
public final Object clone() throws CloneNotSupportedException {
MacSpi newSpiImpl = null;
final MacSpi spi = getSpi();
if (spi != null) {
newSpiImpl = (MacSpi) spi.clone();
}
Mac mac = new Mac(newSpiImpl, this.provider, this.algorithm);
mac.isInitMac = this.isInitMac;
return mac;
}
}