cryptix.provider.key
Class DESKeyGenerator

java.lang.Object
  |
  +--xjava.security.KeyGenerator
        |
        +--cryptix.provider.key.RawKeyGenerator
              |
              +--cryptix.provider.key.DESKeyGenerator
All Implemented Interfaces:
java.lang.Cloneable, ExtendedKeyGenerator, Parameterized
Direct Known Subclasses:
DES_EDE3KeyGenerator, DES2XKeyGenerator, DESXKeyGenerator

public class DESKeyGenerator
extends RawKeyGenerator

A key generator for (single) DES.

DES keys have a fixed length of 8 bytes, with a parity bit as the LSB of each byte (i.e. there are 2^56 possible keys).

Copyright © 1997 Systemics Ltd on behalf of the Cryptix Development Team.
All rights reserved.

$Revision: 1.2 $

Since:
Cryptix 2.2.0a, 2.2.2
Author:
David Hopwood, Raif Naffah

Constructor Summary
  DESKeyGenerator()
           
protected DESKeyGenerator(java.lang.String algorithm, int seedlength)
          Constructor for use by subclasses that need to specify a different seed length (e.g. for Triple DES).
 
Method Summary
protected  byte[] engineGenerateKey(byte[] seed)
          This method allows subclasses to modify the bytes that will be used to generate a key.
protected  boolean isWeak(byte[] key)
          Returns true iff the first 8 bytes of key represent a weak or semi-weak single DES key.
protected  boolean isWeak(byte[] key, int offset)
          Returns true iff the bytes at key[offset..offset+7] represent a weak or semi-weak single DES key.
protected  void setParity(byte[] array)
          Sets parity bits for the given input array.
 
Methods inherited from class cryptix.provider.key.RawKeyGenerator
generateKey, generateKey, getDefaultKeyLength, getMaximumKeyLength, getMinimumKeyLength, initialize, initialize, isValidKeyLength, isWeakAllowed, setWeakAllowed
 
Methods inherited from class xjava.security.KeyGenerator
clone, engineGetParameter, engineSetParameter, getAlgorithm, getAlgorithms, getAlgorithms, getInstance, getInstance, getParameter, setParameter, toString
 
Methods inherited from class java.lang.Object
, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Constructor Detail

DESKeyGenerator

public DESKeyGenerator()

DESKeyGenerator

protected DESKeyGenerator(java.lang.String algorithm,
                          int seedlength)
Constructor for use by subclasses that need to specify a different seed length (e.g. for Triple DES).
Method Detail

engineGenerateKey

protected byte[] engineGenerateKey(byte[] seed)
                            throws WeakKeyException,
                                   java.security.InvalidKeyException
Description copied from class: RawKeyGenerator
This method allows subclasses to modify the bytes that will be used to generate a key. This might be necessary in order to set parity bits, for example.

The seed array contains either randomly generated bytes, or an encoded form of the key. Subclasses should throw a WeakKeyException if isWeakAllowed() is false, and a weak key would have been generated.

The default implementation is as follows: If weak keys are not allowed, and the seed array represents a weak key (i.e. !isWeakAllowed() && isWeak(seed)), throw a WeakKeyException. Otherwise, just return the seed array. This is sufficient if the key does not have any special form (for example, parity bits that should be set correctly).

The seed array can be modified if that is convenient.

Overrides:
engineGenerateKey in class RawKeyGenerator
Following copied from class: cryptix.provider.key.RawKeyGenerator
Parameters:
seed - the seed bytes for this key.
Returns:
the key encoding.

setParity

protected void setParity(byte[] array)
Sets parity bits for the given input array. The least significant bit of each byte is changed to ensure that the byte has odd parity.

isWeak

protected boolean isWeak(byte[] key)
Returns true iff the first 8 bytes of key represent a weak or semi-weak single DES key.
Overrides:
isWeak in class RawKeyGenerator

isWeak

protected boolean isWeak(byte[] key,
                         int offset)
Returns true iff the bytes at key[offset..offset+7] represent a weak or semi-weak single DES key. It can be called either before or after setting parity bits.

(This checks for the 16 weak and semi-weak keys as given by Schneier, Applied Cryptography 2nd ed., tables 12.11 and 12.12. It does not check for the possibly-weak keys in table 12.13.)