
Commit 8a73f08

committed
Added table use obfuscation to AESFastEngine
JDK 1.4 compiler updates.
1 parent 02417ce commit 8a73f08


3 files changed

+11
-79
lines changed


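--- a/core/src/main/java/org/bouncycastle/crypto/engines/AESFastEngine.java
+++ b/core/src/main/java/org/bouncycastle/crypto/engines/AESFastEngine.java
@@ -26,9 +26,11 @@
 * the contents of the first
 *
 * The slowest version uses no static tables at all and computes the values in each round
+* </p>
 * <p>
-* This file contains the fast version with 8Kbytes of static tables for round precomputation
-*
+* This file contains the fast version with 8Kbytes of static tables for round precomputation.
+* </p>
+* @deprecated unfortunately this class is has a few side channel issues. In an environment where encryption/decryption may be closely observed it should not be used.
 */
 public class AESFastEngine
 implements BlockCipher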
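Review bot: The new `@deprecated` line explains why the class should be avoided but does not name what to use instead, and it contains the typo "is has". Javadoc convention is for the tag to point at the replacement, for example `@deprecated this class has known side channel issues; where encryption/decryption may be closely observed use {@link AESEngine} instead.`, assuming `AESEngine` is the intended alternative. The commit title mentions table use obfuscation, but this section shows only the Javadoc change, so whether the table lookups themselves changed cannot be judged from this page.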
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,5 @@
11
package org.bouncycastle.jcajce.provider.drbg;
22

3-
import java.lang.reflect.Constructor;
43
import java.security.SecureRandom;
54
import java.security.SecureRandomSpi;
65

@@ -22,22 +21,19 @@ public static class Default
2221
extends SecureRandomSpi
2322
{
2423
private SecureRandom random = new SP800SecureRandomBuilder(secureRandom, true)
25-
.setPersonalizationString(generateDefaultPersonalizationString())
24+
.setPersonalizationString(generateDefaultPersonalizationString(secureRandom))
2625
.buildHash(new SHA512Digest(), secureRandom.generateSeed(32), true);
2726

28-
@Override
2927
protected void engineSetSeed(byte[] bytes)
3028
{
3129
random.setSeed(bytes);
3230
}
3331

34-
@Override
3532
protected void engineNextBytes(byte[] bytes)
3633
{
3734
random.nextBytes(bytes);
3835
}
3936

40-
@Override
4137
protected byte[] engineGenerateSeed(int numBytes)
4238
{
4339
return secureRandom.generateSeed(numBytes);
@@ -48,22 +44,19 @@ public static class NonceAndIV
4844
extends SecureRandomSpi
4945
{
5046
private SecureRandom random = new SP800SecureRandomBuilder(secureRandom, true)
51-
.setPersonalizationString(generateNonceIVPersonalizationString())
47+
.setPersonalizationString(generateNonceIVPersonalizationString(secureRandom))
5248
.buildHash(new SHA512Digest(), secureRandom.generateSeed(32), false);
5349

54-
@Override
5550
protected void engineSetSeed(byte[] bytes)
5651
{
5752
random.setSeed(bytes);
5853
}
5954

60-
@Override
6155
protected void engineNextBytes(byte[] bytes)
6256
{
6357
random.nextBytes(bytes);
6458
}
6559

66-
@Override
6760
protected byte[] engineGenerateSeed(int numBytes)
6861
{
6962
return secureRandom.generateSeed(numBytes);
@@ -84,78 +77,15 @@ public void configure(ConfigurableProvider provider)
8477
}
8578
}
8679

87-
private static byte[] generateDefaultPersonalizationString()
80+
private static byte[] generateDefaultPersonalizationString(SecureRandom random)
8881
{
89-
return Arrays.concatenate(Strings.toByteArray("Default"), Strings.toUTF8ByteArray(getVIMID()),
82+
return Arrays.concatenate(Strings.toByteArray("Default"), random.generateSeed(16),
9083
Pack.longToBigEndian(Thread.currentThread().getId()), Pack.longToBigEndian(System.currentTimeMillis()));
9184
}
9285

93-
private static byte[] generateNonceIVPersonalizationString()
86+
private static byte[] generateNonceIVPersonalizationString(SecureRandom random)
9487
{
95-
return Arrays.concatenate(Strings.toByteArray("Default"), Strings.toUTF8ByteArray(getVIMID()),
88+
return Arrays.concatenate(Strings.toByteArray("Nonce"), random.generateSeed(16),
9689
Pack.longToLittleEndian(Thread.currentThread().getId()), Pack.longToLittleEndian(System.currentTimeMillis()));
9790
}
98-
99-
private static final Constructor vimIDConstructor;
100-
101-
static
102-
{
103-
Class vimIDClass = lookup("java.rmi.dgc.VMID");
104-
if (vimIDClass != null)
105-
{
106-
vimIDConstructor = findConstructor(vimIDClass);
107-
}
108-
else
109-
{
110-
vimIDConstructor = null;
111-
}
112-
}
113-
114-
private static Class lookup(String className)
115-
{
116-
try
117-
{
118-
Class def = DRBG.class.getClassLoader().loadClass(className);
119-
120-
return def;
121-
}
122-
catch (Exception e)
123-
{
124-
return null;
125-
}
126-
}
127-
128-
private static Constructor findConstructor(Class clazz)
129-
{
130-
try
131-
{
132-
return clazz.getConstructor();
133-
}
134-
catch (Exception e)
135-
{
136-
return null;
137-
}
138-
}
139-
140-
static String getVIMID()
141-
{
142-
if (vimIDConstructor != null)
143-
{
144-
Object vimID = null;
145-
try
146-
{
147-
vimID = vimIDConstructor.newInstance();
148-
}
149-
catch (Exception i)
150-
{
151-
// might happen, fall through if it does
152-
}
153-
if (vimID != null)
154-
{
155-
return vimID.toString();
156-
}
157-
}
158-
159-
return "No VIM ID"; // TODO: maybe there is a system property we can use here.
160-
}
16191
}
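Review bot: The personalization strings built in `generateDefaultPersonalizationString` and `generateNonceIVPersonalizationString` now take their distinguishing bytes from `random.generateSeed(16)`, the same `secureRandom` that supplies the 32-byte nonce in the two `buildHash` calls. Apart from the thread id and the clock, the string no longer carries any input independent of that source. Each `Default` or `NonceAndIV` instance also makes one more `generateSeed` call, which may block depending on how `secureRandom` is backed (not visible on this page). If that trade-off is intended, record it on the helpers, for example `// Personalization only separates DRBG instances; it is not secret and adds no entropy beyond what the seed source already provides.` The parameter name `random` also collides in meaning with the `random` field of the nested SPI classes, which holds the DRBG rather than the seed source; a name such as `entropySource` would be clearer.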

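--- a/prov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java
+++ b/prov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java
@@ -184,7 +184,7 @@ public int doFinal(byte[] out, int outOff)
 }
 catch (InvalidCipherTextException e)
 {
-throw new IllegalStateException("exception on doFinal()", e);
+throw new IllegalStateException("exception on doFinal(): " + e.toString());
 }
 }
 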
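Review bot: The replacement `throw` keeps the inner message but no longer attaches the `InvalidCipherTextException` as the cause, so the original stack trace of a failed `doFinal()` is lost to callers and logs. `Throwable.initCause` has been available since JDK 1.4, so the chain can be kept without the two-argument constructor: `IllegalStateException ise = new IllegalStateException("exception on doFinal(): " + e.toString()); ise.initCause(e); throw ise;`. Because the inner exception text is now part of the top-level message, it is also worth confirming that this string is not returned to a remote peer in a way that distinguishes authentication-tag failures from other decrypt errors. The enclosing `doFinal` method starts above the hunk.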
