package lucee.runtime.crypt;
import java.util.Random;
//package maddany.crypto;
/* Coding by maddany@madloutre.org
* 01-01-2000
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*
*/
public final class BlowfishEasy {
// the Blowfish CBC instance
BlowfishCBC m_bfish;
// one random generator for all simple callers...
static Random m_rndGen;
// ...and created early
static {
m_rndGen = new Random();
};
/**
* constructor to set up a string as the key (oversized password will be cut)
* @param sPassword the password (treated as a real unicode array)
*/
public BlowfishEasy(String sPassword) {
// hash down the password to a 160bit key
SHA1 hasher = new SHA1();
hasher.update(sPassword);
hasher.finalize();
// setup the encryptor (use a dummy IV)
m_bfish = new BlowfishCBC(hasher.getDigest(), 0);
hasher.clear();
};
/**
* encrypts a string (treated in UNICODE) using the
* standard Java random generator, which isn't that
* great for creating IVs
* @param sPlainText string to encrypt
* @return encrypted string in binhex format
*/
public String encryptString(String sPlainText) {
// get the IV
long lCBCIV;
synchronized (m_rndGen) {
lCBCIV = m_rndGen.nextLong();
}
// map the call;
return encStr(sPlainText, lCBCIV);
};
/**
* encrypts a string (treated in UNICODE)
* @param sPlainText string to encrypt
* @param rndGen random generator (usually a java.security.SecureRandom instance)
* @return encrypted string in binhex format
*/
public String encryptString(String sPlainText,
Random rndGen) {
// get the IV
long lCBCIV = rndGen.nextLong();
// map the call;
return encStr(sPlainText, lCBCIV);
};
// internal routine for string encryption
private String encStr(String sPlainText,
long lNewCBCIV) {
// allocate the buffer (align to the next 8 byte border plus padding)
int nStrLen = sPlainText.length();
byte[] buf = new byte [((nStrLen << 1) & 0xfffffff8) + 8];
// copy all bytes of the string into the buffer (use network byte order)
int nI;
int nPos = 0;
for (nI = 0; nI < nStrLen; nI++) {
char cActChar = sPlainText.charAt(nI);
buf[nPos++] = (byte) ((cActChar >> 8) & 0x0ff);
buf[nPos++] = (byte) (cActChar & 0x0ff) ;
};
// pad the rest with the PKCS5 scheme
byte bPadVal = (byte)(buf.length - (nStrLen << 1));
while (nPos < buf.length)
buf[nPos++] = bPadVal;
// create the encryptor
m_bfish.setCBCIV(lNewCBCIV);
// encrypt the buffer
m_bfish.encrypt(buf);
// return the binhex string
byte[] newCBCIV = new byte[BlowfishECB.BLOCKSIZE];
BinConverter.longToByteArray(lNewCBCIV,
newCBCIV,
0);
return BinConverter.bytesToBinHex(newCBCIV,
0,
BlowfishECB.BLOCKSIZE) +
BinConverter.bytesToBinHex(buf,
0,
buf.length);
};
/**
* decrypts a hexbin string (handling is case sensitive)
* @param sCipherText hexbin string to decrypt
* @return decrypted string (null equals an error)
*/
public String decryptString(String sCipherText) {
// get the number of estimated bytes in the string (cut off broken blocks)
int nLen = (sCipherText.length() >> 1) & ~7;
// does the given stuff make sense (at least the CBC IV)?
if (nLen < BlowfishECB.BLOCKSIZE)
return null;
// get the CBC IV
byte[] cbciv = new byte[BlowfishECB.BLOCKSIZE];
int nNumOfBytes = BinConverter.binHexToBytes(sCipherText,
cbciv,
0,
0,
BlowfishECB.BLOCKSIZE);
if (nNumOfBytes < BlowfishECB.BLOCKSIZE)
return null;
// (got it)
m_bfish.setCBCIV(cbciv);
// something left to decrypt?
nLen -= BlowfishECB.BLOCKSIZE;
if (nLen == 0)
return "";
// get all data bytes now
byte[] buf = new byte[nLen];
nNumOfBytes = BinConverter.binHexToBytes(sCipherText,
buf,
BlowfishECB.BLOCKSIZE * 2,
0,
nLen);
// we cannot accept broken binhex sequences due to padding
// and decryption
if (nNumOfBytes < nLen)
return null;
// decrypt the buffer
m_bfish.decrypt(buf);
// get the last padding byte
int nPadByte = buf[buf.length - 1] & 0x0ff;
// ( try to get all information if the padding doesn't seem to be correct)
if ((nPadByte > 8) || (nPadByte < 0))
nPadByte = 0;
// calculate the real size of this message
nNumOfBytes -= nPadByte;
if (nNumOfBytes < 0)
return "";
// success
return BinConverter.byteArrayToUNCString(buf, 0, nNumOfBytes);
};
/**
* destroys (clears) the encryption engine,
* after that the instance is not valid anymore
*/
public void destroy() {
m_bfish.cleanUp();
};
};