cryptix.provider.cipher
Class SAFER

java.lang.Object
  |
  +--xjava.security.IJCE_Traceable
        |
        +--xjava.security.Cipher
              |
              +--cryptix.provider.cipher.SAFER
All Implemented Interfaces:
Parameterized, SymmetricCipher

public final class SAFER
extends Cipher
implements SymmetricCipher

A subclass of Cipher to implement the SAFER algorithm in Java.

SAFER (Secure And Fast Encryption Routine) is a block-cipher algorithm developed by Prof. J.L. Massey at the Swiss Federal Institute of Technology. SAFER is usable in four versions (referred to in this implementation as VARIANTS): SAFER K-64, SAFER K-128, SAFER SK-64 and SAFER SK-128. The numerals 64 and 128 stand for the length of the user-selected key, 'K' stands for the original key schedule and 'SK' stands for the strengthened key schedule.

References:

  1. Massey, J.L., "SAFER K-64: A Byte-Oriented Block Ciphering Algorithm", pp. 1-17 in Fast Software Encryption (Ed. R. Anderson), Proceedings of the Cambridge Security Workshop, Cambridge, U.K., December 9-11, 1993,
    Lecture Notes in Computer Science No. 809. Heidelberg and New York: Springer, 1994.

  2. Massey, J.L., "SAFER K-64: One Year Later", preliminary manuscript of a paper presented at the K. U. Leuven Workshop on Cryptographic Algorithms, December 14-16, 1994.
    To be published in the Proceedings of this workshop by Springer.

  3. Massey, J.L., "Announcement of a Strengthened Key Schedule for the Cipher SAFER", Sept. 9, 1995, (see file 'SAFER_SK.TXT' included in the toolkit).

  4. Richard De Moliner <demoliner@isi.ee.ethz.ch> SAFER toolkit V1.2 includes C implementation, additional notes, test data, test program.

Ported to Java from public domain 'C' code latest revised on September 9, 1995 by:

Richard De Moliner (demoliner@isi.ee.ethz.ch)
Signal and Information Processing Laboratory
Swiss Federal Institute of Technology
CH-8092 Zürich, Switzerland.

Copyright © 1997 Systemics Ltd on behalf of the Cryptix Development Team.
All rights reserved.

$Revision: 1.8 $

Since:
Cryptix 2.2.2
Author:
Raif S. Naffah, David Hopwood

Field Summary
static int K128_VARIANT
           
static int K64_VARIANT
           
static int SK128_VARIANT
           
static int SK64_VARIANT
           
 
Fields inherited from class xjava.security.Cipher
DECRYPT, ENCRYPT, UNINITIALIZED
 
Fields inherited from class xjava.security.IJCE_Traceable
tracing
 
Constructor Summary
SAFER()
          Calls the Cipher constructor with implBuffering false, implPadding false and the provider set to "Cryptix".
 
Method Summary
(package private) static void ()
           
 java.lang.Object clone()
          Always throws a CloneNotSupportedException (cloning of ciphers is not supported for security reasons).
 int engineBlockSize()
          SPI: Returns the length of an input block, in bytes.
protected  java.lang.Object engineGetParameter(java.lang.String param)
          SPI: Gets the value of the specified algorithm parameter.
 void engineInitDecrypt(java.security.Key key)
          SPI: Initializes this cipher for decryption, using the specified key.
 void engineInitEncrypt(java.security.Key key)
          SPI: Initializes this cipher for encryption, using the specified key.
protected  void engineSetParameter(java.lang.String param, java.lang.Object value)
          SPI: Sets the specified algorithm parameter to the specified value.
protected  int engineUpdate(byte[] in, int inOffset, int inLen, byte[] out, int outOffset)
          SPI: This is the main engine method for updating data.
protected  void finalize()
          Cleans up resources used by this instance, if necessary.
static LinkStatus getLinkStatus()
          Gets an object representing the native linking status of this class.
 int getRounds()
          Gets the number of rounds for this cipher.
 java.lang.String getVariant()
          Gets the variant for this cipher ("SK-128", "SK-64", "K-128", or "K-64").
 void setRounds(int rounds)
          Sets the number of rounds for this cipher.
 void setVariant(java.lang.String ps)
          Sets the variant for this cipher.
 
Methods inherited from class xjava.security.Cipher
blockSize, crypt, crypt, crypt, doFinal, doFinal, doFinal, doFinal, engineCiphertextBlockSize, engineCrypt, engineInBufferSize, engineOutBufferSize, enginePlaintextBlockSize, engineSetPaddingScheme, getAlgorithm, getAlgorithms, getAlgorithms, getCiphertextBlockSize, getInputBlockSize, getInstance, getInstance, getInstance, getMode, getOutputBlockSize, getPadding, getPaddingScheme, getParameter, getPlaintextBlockSize, getProvider, getState, inBufferSize, inBufferSizeFinal, initDecrypt, initEncrypt, isPaddingBlockCipher, outBufferSize, outBufferSizeFinal, setParameter, toString, update, update, update, update
 
Methods inherited from class xjava.security.IJCE_Traceable
disableTracing, enableTracing, traceMethod, traceResult, traceResult, traceVoidMethod
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Field Detail

SK128_VARIANT

public static final int SK128_VARIANT

SK64_VARIANT

public static final int SK64_VARIANT

K128_VARIANT

public static final int K128_VARIANT

K64_VARIANT

public static final int K64_VARIANT
Constructor Detail

SAFER

public SAFER()
Calls the Cipher constructor with implBuffering false, implPadding false and the provider set to "Cryptix".

Sets the variant of this cipher based on the currently set "variant" property in the provider properties file. The current JCE syntax for the SAFER algorithm variant property is:

    Alg.variant.SAFER = ...
 

Valid alternatives for variant are:

Once the variant is set, a default value for the number of rounds to use is also set as follows:

    Variant   Number of rounds = current value
    -------   --------------------------------
    SK-128    SK128_DEFAULT_NOF_ROUNDS = 10
    SK-64     SK64_DEFAULT_NOF_ROUNDS  =  8
    K-128     K128_DEFAULT_NOF_ROUNDS  = 10
    K-64      K64_DEFAULT_NOF_ROUNDS   =  6
 

If no variant property is found in the provider's properties file a strengthened key schedule of 128 bits is used with 10 rounds.

This constructor also attempts to set the desired number of rounds for this cipher object from a "rounds" property in the provider's properties file. Acceptable values are non-zero integers between 1 and the MAX_NOF_ROUNDS constant; i.e. 13. If no such property is found, or is found but deemed invalid, then the already set value (depending on the variant property as determined above) remains unaltered.

Method Detail

getLinkStatus

public static LinkStatus getLinkStatus()
Gets an object representing the native linking status of this class.

static void ()

finalize

protected final void finalize()
Cleans up resources used by this instance, if necessary.
Overrides:
finalize in class java.lang.Object

clone

public final java.lang.Object clone()
                             throws java.lang.CloneNotSupportedException
Always throws a CloneNotSupportedException (cloning of ciphers is not supported for security reasons).
Overrides:
clone in class Cipher
Following copied from class: xjava.security.Cipher
Throws:
java.lang.CloneNotSupportedException - if the cipher is not cloneable.

engineBlockSize

public int engineBlockSize()
SPI: Returns the length of an input block, in bytes.
Overrides:
engineBlockSize in class Cipher
Returns:
the length in bytes of an input block for this cipher.

engineInitEncrypt

public void engineInitEncrypt(java.security.Key key)
                       throws java.security.KeyException
SPI: Initializes this cipher for encryption, using the specified key.
Overrides:
engineInitEncrypt in class Cipher
Parameters:
key - the key to use for encryption.
Throws:
java.security.KeyException - if the key is invalid.

engineInitDecrypt

public void engineInitDecrypt(java.security.Key key)
                       throws java.security.KeyException
SPI: Initializes this cipher for decryption, using the specified key.
Overrides:
engineInitDecrypt in class Cipher
Parameters:
key - the key to use for decryption.
Throws:
java.security.KeyException - if the key is invalid.

engineUpdate

protected int engineUpdate(byte[] in,
                           int inOffset,
                           int inLen,
                           byte[] out,
                           int outOffset)
SPI: This is the main engine method for updating data.

in and out may be the same array, and the input and output regions may overlap.

Overrides:
engineUpdate in class Cipher
Parameters:
in - the input data.
inOffset - the offset into in specifying where the data starts.
inLen - the length of the subarray.
out - the output array.
outOffset - the offset indicating where to start writing into the out array.
Returns:
the number of bytes written.
Throws:
CryptixException - if the native library is being used, and it reports an error.

engineSetParameter

protected void engineSetParameter(java.lang.String param,
                                  java.lang.Object value)
                           throws NoSuchParameterException,
                                  java.security.InvalidParameterException,
                                  InvalidParameterTypeException
Description copied from class: Cipher
SPI: Sets the specified algorithm parameter to the specified value.

This method supplies a general-purpose mechanism through which it is possible to set the various parameters of this object. A parameter may be any settable parameter for the algorithm, such as block size, a source of random bits for IV generation (if appropriate), or an indication of whether or not to perform a specific but optional computation. A uniform algorithm-specific naming scheme for each parameter is desirable but left unspecified at this time.

The default implementation always throws a NoSuchParameterException.

This method is not supported in JavaSoft's version of JCE.

Overrides:
engineSetParameter in class Cipher
Following copied from class: xjava.security.Cipher
Parameters:
param - the string name of the parameter.
value - the parameter value.
Throws:
NoSuchParameterException - if there is no parameter with name param for this cipher implementation.
java.security.InvalidParameterException - if the parameter exists but cannot be set (for example because the cipher is in the wrong state).
InvalidParameterTypeException - if value is the wrong type for this parameter.

engineGetParameter

protected java.lang.Object engineGetParameter(java.lang.String param)
                                       throws NoSuchParameterException,
                                              java.security.InvalidParameterException
Description copied from class: Cipher
SPI: Gets the value of the specified algorithm parameter.

This method supplies a general-purpose mechanism through which it is possible to get the various parameters of this object. A parameter may be any settable parameter for the algorithm, such as block size, a source of random bits for IV generation (if appropriate), or an indication of whether or not to perform a specific but optional computation. A uniform algorithm-specific naming scheme for each parameter is desirable but left unspecified at this time.

The default implementation always throws a NoSuchParameterException.

This method is not supported in JavaSoft's version of JCE.

Overrides:
engineGetParameter in class Cipher
Following copied from class: xjava.security.Cipher
Parameters:
param - the string name of the parameter.
Returns:
the object that represents the parameter value.
Throws:
NoSuchParameterException - if there is no parameter with name param for this cipher implementation.
java.security.InvalidParameterException - if the parameter exists but cannot be read.

setRounds

public void setRounds(int rounds)
Sets the number of rounds for this cipher. Allowed only when this cipher is in the UNINITIALIZED state; otherwise an exception is thrown.

If the specified number is invalid, the current one remains unchanged.

Parameters:
rounds - the desired number of rounds for this cipher.

getRounds

public int getRounds()
Gets the number of rounds for this cipher.

setVariant

public void setVariant(java.lang.String ps)
Sets the variant for this cipher. Allowed only when this cipher is in the UNINITIALIZED state; otherwise an exception is thrown.
Parameters:
ps - The desired new variant identifier for this cipher.

getVariant

public java.lang.String getVariant()
Gets the variant for this cipher ("SK-128", "SK-64", "K-128", or "K-64").