Changeset b93be8b


Ignore:
Timestamp:
Nov 25, 2018 3:23:17 PM (20 months ago)
Author:
zzz <zzz@…>
Branches:
master
Children:
a8bacd8
Parents:
9badfd0
Message:

Crypto: Define ElG length constants

Files:
2 edited

Legend:

Unmodified
Added
Removed
  • core/java/src/net/i2p/crypto/ElGamalEngine.java

    r9badfd0 rb93be8b  
    5959
    6060    private static final BigInteger ELGPM1 = CryptoConstants.elgp.subtract(BigInteger.ONE);
     61    private static final int ELG_CLEARTEXT_LENGTH = 222;
     62    private static final int ELG_ENCRYPTED_LENGTH = 514;
     63    private static final int ELG_HALF_LENGTH = ELG_ENCRYPTED_LENGTH / 2;
    6164
    6265   
     
    114117     */
    115118    public byte[] encrypt(byte data[], PublicKey publicKey) {
    116         if ((data == null) || (data.length >= 223))
    117             throw new IllegalArgumentException("Data to encrypt must be < 223 bytes at the moment");
     119        if ((data == null) || (data.length > ELG_CLEARTEXT_LENGTH))
     120            throw new IllegalArgumentException("Data to encrypt must be <= 222 bytes");
    118121        if (publicKey == null) throw new IllegalArgumentException("Null public key specified");
    119122
     
    150153        byte[] ybytes = y.toByteArray();
    151154        byte[] dbytes = d.toByteArray();
    152         byte[] out = new byte[514];
    153         System.arraycopy(ybytes, 0, out, (ybytes.length < 257 ? 257 - ybytes.length : 0),
    154                          (ybytes.length > 257 ? 257 : ybytes.length));
    155         System.arraycopy(dbytes, 0, out, (dbytes.length < 257 ? 514 - dbytes.length : 257),
    156                          (dbytes.length > 257 ? 257 : dbytes.length));
     155        byte[] out = new byte[ELG_ENCRYPTED_LENGTH];
     156        System.arraycopy(ybytes, 0, out, (ybytes.length < ELG_HALF_LENGTH ? ELG_HALF_LENGTH - ybytes.length : 0),
     157                         (ybytes.length > ELG_HALF_LENGTH ? ELG_HALF_LENGTH : ybytes.length));
     158        System.arraycopy(dbytes, 0, out, (dbytes.length < ELG_HALF_LENGTH ? ELG_ENCRYPTED_LENGTH - dbytes.length : ELG_HALF_LENGTH),
     159                         (dbytes.length > ELG_HALF_LENGTH ? ELG_HALF_LENGTH : dbytes.length));
    157160        /*
    158161        StringBuilder buf = new StringBuilder(1024);
     
    191194     */
    192195    public byte[] decrypt(byte encrypted[], PrivateKey privateKey) {
    193         if ((encrypted == null) || (encrypted.length != 514))
    194             throw new IllegalArgumentException("Data to decrypt must be exactly 514 bytes");
     196        if ((encrypted == null) || (encrypted.length != ELG_ENCRYPTED_LENGTH))
     197            throw new IllegalArgumentException("Data to decrypt must be exactly ELG_ENCRYPTED_LENGTH bytes");
    195198        long start = _context.clock().now();
    196199
     
    198201        BigInteger y1p = ELGPM1.subtract(a);
    199202        // we use this buf first for Y, then for D, then for the hash
    200         byte[] buf = SimpleByteCache.acquire(257);
    201         System.arraycopy(encrypted, 0, buf, 0, 257);
     203        byte[] buf = SimpleByteCache.acquire(ELG_HALF_LENGTH);
     204        System.arraycopy(encrypted, 0, buf, 0, ELG_HALF_LENGTH);
    202205        NativeBigInteger y = new NativeBigInteger(1, buf);
    203206        BigInteger ya = y.modPowCT(y1p, CryptoConstants.elgp);
    204         System.arraycopy(encrypted, 257, buf, 0, 257);
     207        System.arraycopy(encrypted, ELG_HALF_LENGTH, buf, 0, ELG_HALF_LENGTH);
    205208        BigInteger d = new NativeBigInteger(1, buf);
    206209        BigInteger m = ya.multiply(d);
  • router/java/src/net/i2p/router/crypto/ElGamalAESEngine.java

    r9badfd0 rb93be8b  
    4343    /** enforced since release 0.6 */
    4444    public static final int MAX_TAGS_RECEIVED = 200;
     45    private static final int ELG_CLEARTEXT_LENGTH = 222;
     46    private static final int ELG_ENCRYPTED_LENGTH = 514;
    4547
    4648    public ElGamalAESEngine(I2PAppContext ctx) {
     
    179181            //if (_log.shouldLog(Log.WARN)) _log.warn("Data is null, unable to decrypt new session");
    180182            return null;
    181         } else if (data.length < 514) {
     183        } else if (data.length < ELG_ENCRYPTED_LENGTH) {
    182184            //if (_log.shouldLog(Log.WARN)) _log.warn("Data length is too small (" + data.length + ")");
    183185            return null;
    184186        }
    185         byte elgEncr[] = new byte[514];
    186         if (data.length > 514) {
    187             System.arraycopy(data, 0, elgEncr, 0, 514);
     187        byte elgEncr[] = new byte[ELG_ENCRYPTED_LENGTH];
     188        if (data.length > ELG_ENCRYPTED_LENGTH) {
     189            System.arraycopy(data, 0, elgEncr, 0, ELG_ENCRYPTED_LENGTH);
    188190        } else {
    189             System.arraycopy(data, 0, elgEncr, 514 - data.length, data.length);
     191            System.arraycopy(data, 0, elgEncr, ELG_ENCRYPTED_LENGTH - data.length, data.length);
    190192        }
    191193        byte elgDecr[] = _context.elGamalEngine().decrypt(elgEncr, targetPrivateKey);
     
    218220        _context.random().harvester().feedEntropy("ElG/AES", elgDecr, offset, elgDecr.length - offset);
    219221
    220         byte aesDecr[] = decryptAESBlock(data, 514, data.length-514, usedKey, iv, null, foundTags, foundKey);
     222        byte aesDecr[] = decryptAESBlock(data, ELG_ENCRYPTED_LENGTH, data.length - ELG_ENCRYPTED_LENGTH,
     223                                         usedKey, iv, null, foundTags, foundKey);
    221224        SimpleByteCache.release(iv);
    222225
     
    509512                                    SessionKey newKey, long paddedSize) {
    510513        //_log.debug("Encrypting to a NEW session");
    511         byte elgSrcData[] = new byte[SessionKey.KEYSIZE_BYTES+32+158];
     514        byte elgSrcData[] = new byte[ELG_CLEARTEXT_LENGTH];
    512515        System.arraycopy(key.getData(), 0, elgSrcData, 0, SessionKey.KEYSIZE_BYTES);
    513516        // get both the preIV and the padding at once, then copy to the preIV array
    514         _context.random().nextBytes(elgSrcData, SessionKey.KEYSIZE_BYTES, 32 + 158);
     517        _context.random().nextBytes(elgSrcData, SessionKey.KEYSIZE_BYTES, ELG_CLEARTEXT_LENGTH - SessionKey.KEYSIZE_BYTES);
    515518        byte preIV[] = SimpleByteCache.acquire(32);
    516519        System.arraycopy(elgSrcData, SessionKey.KEYSIZE_BYTES, preIV, 0, 32);
     
    524527            _log.info("elgEngine.encrypt of the session key took " + (after - before) + "ms");
    525528        }
    526         if (elgEncr.length < 514) {
     529        if (elgEncr.length < ELG_ENCRYPTED_LENGTH) {
    527530            // ??? ElGamalEngine.encrypt() always returns 514 bytes
    528             byte elg[] = new byte[514];
     531            byte elg[] = new byte[ELG_ENCRYPTED_LENGTH];
    529532            int diff = elg.length - elgEncr.length;
    530533            //if (_log.shouldLog(Log.DEBUG)) _log.debug("Difference in size: " + diff);
Note: See TracChangeset for help on using the changeset viewer.