AbstractBlockCipher (Checkpoint Kernel API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

ccs.crypt
Class AbstractBlockCipher

java.lang.Object
  ccs.crypt.Cipher
      ccs.crypt.AbstractBlockCipher

Direct Known Subclasses:: BCCHBlockCipher, NullCipher

public abstract class AbstractBlockCipher
extends Cipher
extends Cipher

A cipher which works on a sequence of blocks. Its ciphertext has a variable-length header, followed by zero or more blocks of length 2^n, for int n, where n = 0 or n >= 3, followed by a fixed-length trailer which may also contain ciphertext. (Typically this contains a padded terminal block which needs special treatment, followed by a MAC.)

Field Summary
`protected byte[]`	`buffer` Stores multiple ciphertext blocks to allow bulk transformation; this is is generally more efficient.

Fields inherited from class ccs.crypt.Cipher
`passwd`

Constructor Summary
`protected`	`AbstractBlockCipher()`

Method Summary
`protected abstract void`	`bufferDecrypt(int nblocks)` Decrypt the number of blocks specified from the internal buffer, updating the MAC with the result.
`protected abstract void`	`bufferEncrypt(int nblocks)` Encrypt the number of blocks specified from the internal buffer, updating the MAC with the result.
`protected boolean`	`checkRegistered(java.lang.Object user, boolean isThrow)`
`abstract int`	`getBlockSizeExp()` The logarithm to base 2 of the block size of the cipher in bytes.
`long`	`getCiphertextLength(long plainlen, boolean isSelfDelimit)` returns the encrypted length of a given length of plaintext.
`protected abstract int`	`getHeaderLength()` The size of the header, without any self-delimitation info.
`protected abstract byte[]`	`getMAC()` Obtain the MAC for the stream.
`protected abstract int`	`getMACLength()` The size of the MAC.
`long`	`getPlaintextLength(long cipherlen, boolean isSelfDelimit)` returns the length of plaintext resulting from a given length of ciphertext - the inverse of `getCiphertextLength`.
`protected int`	`getTrailerLength()` Determine the length of the fixed-length trailer.
`protected abstract void`	`getWhitening(byte[] buf)` Produce and return 8 bytes (exactly) of "whitening".
`protected void`	`register(java.lang.Object user)`
`protected void`	`unregister(java.lang.Object user)`

Methods inherited from class ccs.crypt.Cipher
`getInputStream, getOutputStream, getPasswd, out, setPasswd`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

buffer

protected byte[] buffer

Stores multiple ciphertext blocks to allow bulk transformation; this is is generally more efficient.

Constructor Detail

AbstractBlockCipher

protected AbstractBlockCipher()

Method Detail

register

protected void register(java.lang.Object user)

unregister

protected void unregister(java.lang.Object user)

checkRegistered

protected boolean checkRegistered(java.lang.Object user,
                                  boolean isThrow)

getCiphertextLength

public long getCiphertextLength(long plainlen,
                                boolean isSelfDelimit)

returns the encrypted length of a given length of plaintext. This can usually be computed without knowing the plaintext itself since Ciphers are not supposed to attempt compression.

Specified by:: getCiphertextLength in class Cipher

Parameters:: plainlen - the length of plaintext.; isSelfDelimit - Whether the stream includes its own length.
Returns:: the length of the corresponding ciphertext, or -1 if this cannot be computed for this particular Cipher. Note that this may be odd.

getPlaintextLength

public long getPlaintextLength(long cipherlen,
                               boolean isSelfDelimit)

returns the length of plaintext resulting from a given length of ciphertext - the inverse of getCiphertextLength. However, this is generally difficult or impossible to calculate for a block cipher since an unknown amount of padding is present.

Specified by:: getPlaintextLength in class Cipher

Parameters:: cipherlen - the length of ciphertext.; isSelfDelimit - Whether the stream includes its own length.
Returns:: -1 - we can't work this out in general.

getTrailerLength

protected int getTrailerLength()

Determine the length of the fixed-length trailer. This implementation assumes a CBC mode trailer consisting of two ciphertext blocks (one padded block, plus one padding-control block, both of which require special treatment) plus the MAC.

getWhitening

protected abstract void getWhitening(byte[] buf)

Produce and return 8 bytes (exactly) of "whitening". This should be random-looking but reproducible material which does not depend directly on the key, and can be calculated from the ciphertext header alone. (For CBC-mode ciphers, this header is typically just the IV, and the whitening is typically based on a hash of that IV). This whitening is used in self-delimiting cpihertext streams to obscure the stream length data; actually encrypting it causes too many problems in the event that a user innocently gets the wrong password. Whitening is requested immediately after the header is written (encrypt) or read(decrypt).

Parameters:: buf - The buffer into the first 8 bytes of which the whitening should be placed.

bufferEncrypt

protected abstract void bufferEncrypt(int nblocks)

Encrypt the number of blocks specified from the internal buffer, updating the MAC with the result.

bufferDecrypt

protected abstract void bufferDecrypt(int nblocks)

Decrypt the number of blocks specified from the internal buffer, updating the MAC with the result.

getBlockSizeExp

public abstract int getBlockSizeExp()

The logarithm to base 2 of the block size of the cipher in bytes. Eg. a 64-bit block cipher should return 3.

getMAC

protected abstract byte[] getMAC()

Obtain the MAC for the stream. This will only be called once for a given message. MAC the ciphtertext, not the plaintext, and do include the header as well as all ciphertext blocks. For self-delimited streams, you don't need to MAC the stream length (which is good, 'cos there's no easy way to find out what it is).

getHeaderLength

protected abstract int getHeaderLength()

The size of the header, without any self-delimitation info. Typically this header is just the IV (in CBC mode) and is easy to calculate the length of.

getMACLength

protected abstract int getMACLength()

The size of the MAC. Typically this is a constant.