1 /* 2 * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package sun.security.provider; 27 28 import sun.security.util.HexDumpEncoder; 29 30 import java.util.Arrays; 31 import java.util.Locale; 32 33 public abstract class AbstractHashDrbg extends AbstractDrbg { 34 35 private static final long serialVersionUID = 9L; 36 37 protected int outLen; 38 protected int seedLen; 39 40 private static int alg2strength(String algorithm) { 41 switch (algorithm.toUpperCase(Locale.ROOT)) { 42 case "SHA-1": 43 return 128; 44 case "SHA-224": 45 case "SHA-512/224": 46 return 192; 47 case "SHA-256": 48 case "SHA-512/256": 49 case "SHA-384": 50 case "SHA-512": 51 return 256; 52 default: 53 throw new IllegalArgumentException(algorithm + 54 " not supported in Hash_DBRG"); 55 } 56 } 57 58 protected void chooseAlgorithmAndStrength() { 59 if (requestedAlgorithm != null) { 60 algorithm = requestedAlgorithm.toUpperCase(Locale.ROOT); 61 int supportedStrength = alg2strength(algorithm); 62 if (requestedStrength >= 0) { 63 int tryStrength = getStandardStrength(requestedStrength); 64 if (tryStrength > supportedStrength) { 65 throw new IllegalArgumentException( 66 algorithm + " does not support strength " + requestedStrength); 67 } 68 this.strength = tryStrength; 69 } else { 70 this.strength = defaultStrength > supportedStrength? 71 supportedStrength: defaultStrength; 72 } 73 } else { 74 int tryStrength = 75 requestedStrength<0? defaultStrength: requestedStrength; 76 tryStrength = getStandardStrength(tryStrength); 77 // The default algorithm which is enough for all strengths. 78 // Also described in comments of the "drbg" security property. 79 algorithm = "SHA-256"; 80 this.strength = tryStrength; 81 } 82 switch (algorithm.toUpperCase(Locale.ROOT)) { 83 case "SHA-1": 84 this.seedLen = 440/8; 85 this.outLen = 160/8; 86 break; 87 case "SHA-224": 88 case "SHA-512/224": 89 this.seedLen = 440/8; 90 this.outLen = 224/8; 91 break; 92 case "SHA-256": 93 case "SHA-512/256": 94 this.seedLen = 440/8; 95 this.outLen = 256/8; 96 break; 97 case "SHA-384": 98 this.seedLen = 888/8; 99 this.outLen = 384/8; 100 break; 101 case "SHA-512": 102 this.seedLen = 888/8; 103 this.outLen = 512/8; 104 break; 105 default: 106 throw new IllegalArgumentException(algorithm + 107 " not supported in Hash_DBRG"); 108 } 109 this.minLength = this.strength/8; 110 } 111 112 @Override 113 public void instantiateAlgorithm(byte[] entropy) { 114 byte[] seed = Arrays.copyOf(entropy, entropy.length + nonce.length + 115 (ps == null? 0: ps.length)); 116 System.arraycopy(nonce, 0, seed, entropy.length, nonce.length); 117 if (ps != null) { 118 System.arraycopy(ps, 0, seed, entropy.length + nonce.length, 119 ps.length); 120 } 121 hashReseedInternal(seed); 122 } 123 124 @Override 125 protected void reseedAlgorithm( 126 byte[] ei, 127 byte[] additionalInput) { 128 if (debug != null) { 129 debug.println("reseedAlgorithm"); 130 debug.println(new HexDumpEncoder().encodeBuffer(ei)); 131 if (additionalInput != null) { 132 debug.println(new HexDumpEncoder().encodeBuffer(additionalInput)); 133 } 134 } 135 if (additionalInput != null) { 136 ei = Arrays.copyOf(ei, ei.length + additionalInput.length); 137 System.arraycopy(additionalInput, 0, ei, 138 ei.length - additionalInput.length, additionalInput.length); 139 } 140 hashReseedInternal(ei); 141 } 142 143 protected abstract void hashReseedInternal(byte[] seed); 144 }