You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by co...@apache.org on 2015/02/09 12:16:24 UTC
directory-kerberos git commit: Some refactoring of kerb-crypto
Repository: directory-kerberos
Updated Branches:
refs/heads/master 02ea20f63 -> 97d079535
Some refactoring of kerb-crypto
Project: http://git-wip-us.apache.org/repos/asf/directory-kerberos/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerberos/commit/97d07953
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerberos/tree/97d07953
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerberos/diff/97d07953
Branch: refs/heads/master
Commit: 97d079535f31659a563dc35173270e6bcc5e2b35
Parents: 02ea20f
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Mon Feb 9 11:16:12 2015 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Mon Feb 9 11:16:12 2015 +0000
----------------------------------------------------------------------
.../kerb/crypto/AbstractCryptoTypeHandler.java | 12 ++++++++----
.../kerb/crypto/cksum/CmacKcCheckSum.java | 3 +--
.../kerb/crypto/cksum/HmacKcCheckSum.java | 3 +--
.../kerb/crypto/cksum/HmacMd5Rc4CheckSum.java | 6 ++----
.../kerberos/kerb/crypto/cksum/KcCheckSum.java | 6 ++----
.../kerb/crypto/cksum/Md5HmacRc4CheckSum.java | 3 +--
.../kerb/crypto/enc/AbstractEncTypeHandler.java | 2 +-
.../kerby/kerberos/kerb/crypto/enc/KeKiEnc.java | 17 +++++++----------
.../kerberos/kerb/crypto/enc/Rc4HmacEnc.java | 6 ++----
.../kerb/crypto/enc/provider/DesProvider.java | 14 +++-----------
.../kerberos/kerb/crypto/key/AesKeyMaker.java | 4 +---
.../kerb/crypto/key/CamelliaKeyMaker.java | 16 +++++-----------
.../kerberos/kerb/crypto/key/Des3KeyMaker.java | 6 ++----
.../kerberos/kerb/crypto/key/DesKeyMaker.java | 4 +---
.../kerberos/kerb/crypto/key/DkKeyMaker.java | 2 +-
.../kerberos/kerb/crypto/util/BytesUtil.java | 12 +++++-------
.../kerby/kerberos/kerb/crypto/util/Crc32.java | 3 +--
.../kerby/kerberos/kerb/crypto/util/Hmac.java | 3 +--
.../kerby/kerberos/kerb/crypto/util/Nfold.java | 19 ++++++++-----------
.../kerby/kerberos/kerb/crypto/util/Pbkdf.java | 4 +---
.../kerberos/kerb/crypto/CamelliaEncTest.java | 2 +-
.../kerby/kerberos/kerb/crypto/CheckSumTest.java | 3 +--
.../kerby/kerberos/kerb/crypto/CmacTest.java | 3 +--
23 files changed, 57 insertions(+), 96 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/97d07953/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/AbstractCryptoTypeHandler.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/AbstractCryptoTypeHandler.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/AbstractCryptoTypeHandler.java
index 71103c5..1a809a7 100644
--- a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/AbstractCryptoTypeHandler.java
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/AbstractCryptoTypeHandler.java
@@ -51,15 +51,19 @@ public abstract class AbstractCryptoTypeHandler implements CryptoTypeHandler {
protected static boolean checksumEqual(byte[] cksum1,
byte[] cksum2, int cksum2Start, int len) {
- if (cksum1 == cksum2)
+ if (cksum1 == cksum2) {
return true;
- if (cksum1 == null || cksum2 == null)
+ }
+ if (cksum1 == null || cksum2 == null) {
return false;
+ }
if (len <= cksum2.length && len <= cksum1.length) {
- for (int i = 0; i < len; i++)
- if (cksum1[i] != cksum2[cksum2Start + i])
+ for (int i = 0; i < len; i++) {
+ if (cksum1[i] != cksum2[cksum2Start + i]) {
return false;
+ }
+ }
} else {
return false;
}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/97d07953/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/CmacKcCheckSum.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/CmacKcCheckSum.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/CmacKcCheckSum.java
index 6a51d29..90f676f 100644
--- a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/CmacKcCheckSum.java
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/CmacKcCheckSum.java
@@ -30,7 +30,6 @@ public abstract class CmacKcCheckSum extends KcCheckSum {
}
protected byte[] mac(byte[] Kc, byte[] data, int start, int len) throws KrbException {
- byte[] mac = Cmac.cmac(encProvider(), Kc, data, start, len);
- return mac;
+ return Cmac.cmac(encProvider(), Kc, data, start, len);
}
}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/97d07953/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HmacKcCheckSum.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HmacKcCheckSum.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HmacKcCheckSum.java
index 03b8c0b..3f2fd84 100644
--- a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HmacKcCheckSum.java
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HmacKcCheckSum.java
@@ -31,7 +31,6 @@ public abstract class HmacKcCheckSum extends KcCheckSum {
}
protected byte[] mac(byte[] Kc, byte[] data, int start, int len) throws KrbException {
- byte[] hmac = Hmac.hmac(hashProvider(), Kc, data, start, len);
- return hmac;
+ return Hmac.hmac(hashProvider(), Kc, data, start, len);
}
}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/97d07953/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HmacMd5Rc4CheckSum.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HmacMd5Rc4CheckSum.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HmacMd5Rc4CheckSum.java
index 3123f71..6a588b1 100644
--- a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HmacMd5Rc4CheckSum.java
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/HmacMd5Rc4CheckSum.java
@@ -55,11 +55,10 @@ public class HmacMd5Rc4CheckSum extends AbstractKeyedCheckSumTypeHandler {
protected byte[] doChecksumWithKey(byte[] data, int start, int len,
byte[] key, int usage) throws KrbException {
- byte[] Ksign = null;
byte[] signKey = "signaturekey".getBytes();
byte[] newSignKey = new byte[signKey.length + 1];
System.arraycopy(signKey, 0, newSignKey, 0, signKey.length);
- Ksign = Hmac.hmac(hashProvider(), key, newSignKey);
+ byte[] Ksign = Hmac.hmac(hashProvider(), key, newSignKey);
byte[] salt = Rc4.getSalt(usage, false);
@@ -67,7 +66,6 @@ public class HmacMd5Rc4CheckSum extends AbstractKeyedCheckSumTypeHandler {
hashProvider().hash(data, start, len);
byte[] hashTmp = hashProvider().output();
- byte[] hmac = Hmac.hmac(hashProvider(), Ksign, hashTmp);
- return hmac;
+ return Hmac.hmac(hashProvider(), Ksign, hashTmp);
}
}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/97d07953/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/KcCheckSum.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/KcCheckSum.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/KcCheckSum.java
index 2e7db3b..9550c08 100644
--- a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/KcCheckSum.java
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/KcCheckSum.java
@@ -34,14 +34,12 @@ public abstract class KcCheckSum extends AbstractKeyedCheckSumTypeHandler {
@Override
protected byte[] doChecksumWithKey(byte[] data, int start, int len,
byte[] key, int usage) throws KrbException {
- byte[] Kc;
byte[] constant = new byte[5];
BytesUtil.int2bytes(usage, constant, 0, true);
constant[4] = (byte) 0x99;
- Kc = ((DkKeyMaker) keyMaker()).dk(key, constant);
+ byte[] Kc = ((DkKeyMaker) keyMaker()).dk(key, constant);
- byte[] mac = mac(Kc, data, start, len);
- return mac;
+ return mac(Kc, data, start, len);
}
protected abstract byte[] mac(byte[] Kc, byte[] data, int start,
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/97d07953/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/Md5HmacRc4CheckSum.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/Md5HmacRc4CheckSum.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/Md5HmacRc4CheckSum.java
index 038631e..26f9e9d 100644
--- a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/Md5HmacRc4CheckSum.java
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/cksum/Md5HmacRc4CheckSum.java
@@ -63,7 +63,6 @@ public class Md5HmacRc4CheckSum extends AbstractKeyedCheckSumTypeHandler {
hashProvider().hash(data, start, len);
byte[] hashTmp = hashProvider().output();
- byte[] hmac = Hmac.hmac(hashProvider(), Ksign, hashTmp);
- return hmac;
+ return Hmac.hmac(hashProvider(), Ksign, hashTmp);
}
}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/97d07953/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/AbstractEncTypeHandler.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/AbstractEncTypeHandler.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/AbstractEncTypeHandler.java
index 99828c8..9708de7 100644
--- a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/AbstractEncTypeHandler.java
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/AbstractEncTypeHandler.java
@@ -123,7 +123,7 @@ public abstract class AbstractEncTypeHandler
byte[] workBuffer = new byte[workLength];
System.arraycopy(data, 0, workBuffer, headerLen, data.length);
- int [] workLens = new int[] {confounderLen, checksumLen,
+ int[] workLens = new int[] {confounderLen, checksumLen,
inputLen, paddingLen};
encryptWith(workBuffer, workLens, key, iv, usage);
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/97d07953/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/KeKiEnc.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/KeKiEnc.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/KeKiEnc.java
index b1bc7dc..9f2e5ec 100644
--- a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/KeKiEnc.java
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/KeKiEnc.java
@@ -47,16 +47,16 @@ public abstract class KeKiEnc extends AbstractEncTypeHandler {
int inputLen = workLens[2];
int paddingLen = workLens[3];
- byte[] Ke, Ki;
byte[] constant = new byte[5];
constant[0] = (byte) ((usage>>24)&0xff);
constant[1] = (byte) ((usage>>16)&0xff);
constant[2] = (byte) ((usage>>8)&0xff);
constant[3] = (byte) (usage&0xff);
constant[4] = (byte) 0xaa;
- Ke = ((DkKeyMaker) keyMaker()).dk(key, constant);
+
+ byte[] Ke = ((DkKeyMaker) keyMaker()).dk(key, constant);
constant[4] = (byte) 0x55;
- Ki = ((DkKeyMaker) keyMaker()).dk(key, constant);
+ byte[] Ki = ((DkKeyMaker) keyMaker()).dk(key, constant);
/**
* Instead of E(Confounder | Checksum | Plaintext | Padding),
@@ -79,8 +79,7 @@ public abstract class KeKiEnc extends AbstractEncTypeHandler {
}
// checksum & encrypt
- byte[] checksum;
- checksum = makeChecksum(Ki, tmpEnc, checksumLen);
+ byte[] checksum = makeChecksum(Ki, tmpEnc, checksumLen);
encProvider().encrypt(Ke, iv, tmpEnc);
System.arraycopy(tmpEnc, 0, workBuffer, 0, tmpEnc.length);
@@ -94,13 +93,12 @@ public abstract class KeKiEnc extends AbstractEncTypeHandler {
int checksumLen = workLens[1];
int dataLen = workLens[2];
- byte[] Ke, Ki;
byte[] constant = new byte[5];
BytesUtil.int2bytes(usage, constant, 0, true);
constant[4] = (byte) 0xaa;
- Ke = ((DkKeyMaker) keyMaker()).dk(key, constant);
+ byte[] Ke = ((DkKeyMaker) keyMaker()).dk(key, constant);
constant[4] = (byte) 0x55;
- Ki = ((DkKeyMaker) keyMaker()).dk(key, constant);
+ byte[] Ki = ((DkKeyMaker) keyMaker()).dk(key, constant);
// decrypt and verify checksum
@@ -111,9 +109,8 @@ public abstract class KeKiEnc extends AbstractEncTypeHandler {
System.arraycopy(workBuffer, confounderLen + dataLen,
checksum, 0, checksumLen);
- byte[] newChecksum;
encProvider().decrypt(Ke, iv, tmpEnc);
- newChecksum = makeChecksum(Ki, tmpEnc, checksumLen);
+ byte[] newChecksum = makeChecksum(Ki, tmpEnc, checksumLen);
if (! checksumEqual(checksum, newChecksum)) {
throw new KrbException(KrbErrorCode.KRB_AP_ERR_BAD_INTEGRITY);
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/97d07953/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/Rc4HmacEnc.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/Rc4HmacEnc.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/Rc4HmacEnc.java
index 9d9e90d..1347fc9 100644
--- a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/Rc4HmacEnc.java
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/Rc4HmacEnc.java
@@ -97,8 +97,7 @@ public class Rc4HmacEnc extends AbstractEncTypeHandler {
protected byte[] makeUsageKey(byte[] key, int usage) throws KrbException {
byte[] salt = Rc4.getSalt(usage, exportable);
- byte[] usageKey = Hmac.hmac(hashProvider(), key, salt);
- return usageKey;
+ return Hmac.hmac(hashProvider(), key, salt);
}
protected byte[] makeEncKey(byte[] usageKey, byte[] checksum) throws KrbException {
@@ -111,8 +110,7 @@ public class Rc4HmacEnc extends AbstractEncTypeHandler {
}
}
- byte[] encKey = Hmac.hmac(hashProvider(), tmpKey, checksum);
- return encKey;
+ return Hmac.hmac(hashProvider(), tmpKey, checksum);
}
@Override
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/97d07953/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/DesProvider.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/DesProvider.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/DesProvider.java
index 0a03027..75a1cde 100644
--- a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/DesProvider.java
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/enc/provider/DesProvider.java
@@ -22,8 +22,6 @@ package org.apache.kerby.kerberos.kerb.crypto.enc.provider;
import org.apache.kerby.kerberos.kerb.KrbException;
import javax.crypto.Cipher;
-import javax.crypto.SecretKey;
-import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.security.GeneralSecurityException;
@@ -47,10 +45,7 @@ public class DesProvider extends AbstractEncryptProvider {
IvParameterSpec params = new IvParameterSpec(cipherState);
SecretKeySpec skSpec = new SecretKeySpec(key, "DES");
try {
- SecretKeyFactory skf = SecretKeyFactory.getInstance("DES");
- SecretKey sk = (SecretKey) skSpec;
-
- cipher.init(encrypt ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE, sk, params);
+ cipher.init(encrypt ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE, skSpec, params);
byte[] output = cipher.doFinal(input);
System.arraycopy(output, 0, input, 0, output.length);
@@ -74,13 +69,10 @@ public class DesProvider extends AbstractEncryptProvider {
byte[] output = null;
try {
- SecretKeyFactory skf = SecretKeyFactory.getInstance("DES");
- // SecretKey sk = skf.generateSecret(skSpec);
- SecretKey sk = (SecretKey) skSpec;
- cipher.init(Cipher.ENCRYPT_MODE, sk, params);
+ cipher.init(Cipher.ENCRYPT_MODE, skSpec, params);
for (int i = 0; i < data.length / 8; i++) {
output = cipher.doFinal(data, i * 8, 8);
- cipher.init(Cipher.ENCRYPT_MODE, sk, (new IvParameterSpec(output)));
+ cipher.init(Cipher.ENCRYPT_MODE, skSpec, (new IvParameterSpec(output)));
}
}
catch (GeneralSecurityException e) {
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/97d07953/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/AesKeyMaker.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/AesKeyMaker.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/AesKeyMaker.java
index f777a12..7f1ac1f 100644
--- a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/AesKeyMaker.java
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/AesKeyMaker.java
@@ -57,9 +57,7 @@ public class AesKeyMaker extends DkKeyMaker {
}
byte[] tmpKey = random2Key(random);
- byte[] result = dk(tmpKey, KERBEROS_CONSTANT);
-
- return result;
+ return dk(tmpKey, KERBEROS_CONSTANT);
}
}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/97d07953/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/CamelliaKeyMaker.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/CamelliaKeyMaker.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/CamelliaKeyMaker.java
index a790a38..83f6f59 100644
--- a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/CamelliaKeyMaker.java
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/CamelliaKeyMaker.java
@@ -59,15 +59,12 @@ public class CamelliaKeyMaker extends DkKeyMaker {
}
byte[] tmpKey = random2Key(random);
- byte[] result = dk(tmpKey, KERBEROS_CONSTANT);
-
- return result;
+ return dk(tmpKey, KERBEROS_CONSTANT);
}
private String getPepper() {
int keySize = encProvider().keySize();
- String pepper = keySize == 16 ? "camellia128-cts-cmac" : "camellia256-cts-cmac";
- return pepper;
+ return keySize == 16 ? "camellia128-cts-cmac" : "camellia256-cts-cmac";
}
/*
@@ -79,7 +76,6 @@ public class CamelliaKeyMaker extends DkKeyMaker {
int blocksize = encProvider().blockSize();
int keyInuptSize = encProvider().keyInputSize();
byte[] keyBytes = new byte[keyInuptSize];
- byte[] Ki;
int len = 0;
// K(i-1): the previous block of PRF output, initially all-zeros.
@@ -93,18 +89,16 @@ public class CamelliaKeyMaker extends DkKeyMaker {
// four-byte big-endian binary string giving the output length
len += 4;
- Ki = new byte[len];
+ byte[] Ki = new byte[len];
System.arraycopy(constant, 0, Ki, blocksize + 4, constant.length);
BytesUtil.int2bytes(keyInuptSize * 8, Ki, len - 4, true);
- int i, n = 0;
- byte[] tmp;
- for (i = 1, n = 0; n < keyInuptSize; i++) {
+ for (int i = 1, n = 0; n < keyInuptSize; i++) {
// Update the block counter
BytesUtil.int2bytes(i, Ki, blocksize, true);
// Compute a CMAC checksum, update Ki with the result
- tmp = Cmac.cmac(encProvider(), key, Ki);
+ byte[] tmp = Cmac.cmac(encProvider(), key, Ki);
System.arraycopy(tmp, 0, Ki, 0, blocksize);
if (n + blocksize >= keyInuptSize) {
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/97d07953/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/Des3KeyMaker.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/Des3KeyMaker.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/Des3KeyMaker.java
index 363eb29..28c29ac 100644
--- a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/Des3KeyMaker.java
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/Des3KeyMaker.java
@@ -49,11 +49,9 @@ public class Des3KeyMaker extends DkKeyMaker {
* 8 key bytes, then compute the parity bits. Do this three times.
*/
byte[] key = new byte[encProvider().keySize()];
- int nthByte;
- int tmp;
for (int i = 0; i < 3; i++) {
System.arraycopy(randomBits, i * 7, key, i * 8, 7);
- nthByte = i * 8;
+ int nthByte = i * 8;
key[nthByte + 7] = (byte) (((key[nthByte + 0] & 1) << 1) |
((key[nthByte + 1] & 1) << 2) |
@@ -64,7 +62,7 @@ public class Des3KeyMaker extends DkKeyMaker {
((key[nthByte + 6] & 1) << 7));
for (int j = 0; j < 8; j++) {
- tmp = key[nthByte + j] & 0xfe;
+ int tmp = key[nthByte + j] & 0xfe;
tmp |= (Integer.bitCount(tmp) & 1) ^ 1;
key[nthByte + j] = (byte) tmp;
}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/97d07953/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/DesKeyMaker.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/DesKeyMaker.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/DesKeyMaker.java
index daf15c2..d8e01d9 100644
--- a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/DesKeyMaker.java
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/DesKeyMaker.java
@@ -52,8 +52,7 @@ public class DesKeyMaker extends AbstractKeyMaker {
throw new KrbException(error);
}
- byte[] key = toKey(string, salt);
- return key;
+ return toKey(string, salt);
}
/**
@@ -233,7 +232,6 @@ public class DesKeyMaker extends AbstractKeyMaker {
=>
11000001 00011111 00111000 01101000 10001010 11001000 01101101 00101111
*/
- byte bt;
for (int i = 0; i < 8; i++) {
bits56[i] <<= 1;
}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/97d07953/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/DkKeyMaker.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/DkKeyMaker.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/DkKeyMaker.java
index ad38932..c279d7a 100644
--- a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/DkKeyMaker.java
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/key/DkKeyMaker.java
@@ -55,7 +55,7 @@ public abstract class DkKeyMaker extends AbstractKeyMaker {
System.arraycopy(constant, 0, Ki, 0, constant.length);
}
- int n = 0, len;
+ int n = 0;
while (n < keyInuptSize) {
encProvider().encrypt(key, Ki);
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/97d07953/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/util/BytesUtil.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/util/BytesUtil.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/util/BytesUtil.java
index 1c58293..c85d8c5 100644
--- a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/util/BytesUtil.java
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/util/BytesUtil.java
@@ -162,21 +162,19 @@ public class BytesUtil {
}
public static void xor(byte[] input, int offset, byte[] output) {
- int a, b;
for (int i = 0; i < output.length / 4; ++i) {
- a = BytesUtil.bytes2int(input, offset + i * 4, true);
- b = BytesUtil.bytes2int(output, i * 4, true);
+ int a = BytesUtil.bytes2int(input, offset + i * 4, true);
+ int b = BytesUtil.bytes2int(output, i * 4, true);
b = a ^ b;
BytesUtil.int2bytes(b, output, i * 4, true);
}
}
public static void xor(byte[] a, byte[] b, byte[] output) {
- int av, bv, v;
for (int i = 0; i < a.length / 4; ++i) {
- av = BytesUtil.bytes2int(a, i * 4, true);
- bv = BytesUtil.bytes2int(b, i * 4, true);
- v = av ^ bv;
+ int av = BytesUtil.bytes2int(a, i * 4, true);
+ int bv = BytesUtil.bytes2int(b, i * 4, true);
+ int v = av ^ bv;
BytesUtil.int2bytes(v, output, i * 4, true);
}
}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/97d07953/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/util/Crc32.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/util/Crc32.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/util/Crc32.java
index 5807429..c12fe2a 100644
--- a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/util/Crc32.java
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/util/Crc32.java
@@ -67,9 +67,8 @@ public class Crc32 {
public static long crc(long initial, byte[] data, int start, int len) {
long c = initial;
- int idx;
for (int i = 0; i < len; i++) {
- idx = (int) ((data[start + i] ^ c) & 0xff);
+ int idx = (int) ((data[start + i] ^ c) & 0xff);
c = ((c & 0xffffffffL) >>> 8) ^ table[idx]; // why?
}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/97d07953/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/util/Hmac.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/util/Hmac.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/util/Hmac.java
index cebb3a1..45f8951 100644
--- a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/util/Hmac.java
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/util/Hmac.java
@@ -76,7 +76,6 @@ public class Hmac {
hashProvider.hash(outerPaddedKey);
hashProvider.hash(tmp);
- tmp = hashProvider.output();
- return tmp;
+ return hashProvider.output();
}
}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/97d07953/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/util/Nfold.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/util/Nfold.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/util/Nfold.java
index 4d9bcba..82c9aac 100644
--- a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/util/Nfold.java
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/util/Nfold.java
@@ -45,32 +45,29 @@ public class Nfold {
int inBytesNum = inBytes.length; // count inBytes byte
int outBytesNum = size; // count inBytes byte
- int a, b, c, lcm;
- a = outBytesNum;
- b = inBytesNum;
+ int a = outBytesNum;
+ int b = inBytesNum;
while (b != 0) {
- c = b;
+ int c = b;
b = a % b;
a = c;
}
- lcm = (outBytesNum * inBytesNum) / a;
+ int lcm = (outBytesNum * inBytesNum) / a;
byte[] outBytes = new byte[outBytesNum];
Arrays.fill(outBytes, (byte)0);
int tmpByte = 0;
- int msbit, i, tmp;
-
- for (i = lcm-1; i >= 0; i--) {
+ for (int i = lcm - 1; i >= 0; i--) {
// first, start with the msbit inBytes the first, unrotated byte
- tmp = ((inBytesNum<<3)-1);
+ int tmp = ((inBytesNum<<3)-1);
// then, for each byte, shift to the right for each repetition
tmp += (((inBytesNum<<3)+13)*(i/inBytesNum));
// last, pick outBytes the correct byte within that shifted repetition
tmp += ((inBytesNum-(i%inBytesNum)) << 3);
- msbit = tmp % (inBytesNum << 3);
+ int msbit = tmp % (inBytesNum << 3);
// pull outBytes the byte value itself
tmp = ((((inBytes[((inBytesNum - 1)-(msbit >>> 3)) % inBytesNum] & 0xff) << 8) |
@@ -88,7 +85,7 @@ public class Nfold {
// if there's a carry bit left over, add it back inBytes
if (tmpByte != 0) {
- for (i = outBytesNum-1; i >= 0; i--) {
+ for (int i = outBytesNum-1; i >= 0; i--) {
// do the addition
tmpByte += (outBytes[i] & 0xff);
outBytes[i] = (byte) (tmpByte & 0xff);
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/97d07953/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/util/Pbkdf.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/util/Pbkdf.java b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/util/Pbkdf.java
index 7dac089..646fc79 100644
--- a/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/util/Pbkdf.java
+++ b/kerby-kerb/kerb-crypto/src/main/java/org/apache/kerby/kerberos/kerb/crypto/util/Pbkdf.java
@@ -33,8 +33,6 @@ public class Pbkdf {
SecretKeyFactory skf =
SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
SecretKey key = skf.generateSecret(ks);
- byte[] result = key.getEncoded();
-
- return result;
+ return key.getEncoded();
}
}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/97d07953/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CamelliaEncTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CamelliaEncTest.java b/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CamelliaEncTest.java
index a84652d..7ebdb05 100644
--- a/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CamelliaEncTest.java
+++ b/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CamelliaEncTest.java
@@ -70,7 +70,7 @@ public class CamelliaEncTest {
outputs.add("==========");
List<String> newLines = expectedLines;
- assertThat(expectedLines).as("Comparing new lines with expected lines").isEqualTo(outputs);
+ assertThat(newLines).as("Comparing new lines with expected lines").isEqualTo(outputs);
}
private void testWith(int keySize) throws KrbException {
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/97d07953/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CheckSumTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CheckSumTest.java b/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CheckSumTest.java
index c47d9d4..89246e3 100644
--- a/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CheckSumTest.java
+++ b/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CheckSumTest.java
@@ -71,7 +71,6 @@ public class CheckSumTest {
private void testWith(CksumTest testCase) throws Exception {
byte[] knownChecksum = HexUtil.hex2bytes(testCase.knownChecksum);
byte[] plainData = testCase.plainText.getBytes();
- CheckSum newCksum;
if (! CheckSumHandler.isImplemented(testCase.cksumType)) {
System.err.println("Checksum type not supported yet: "
@@ -81,7 +80,7 @@ public class CheckSumTest {
EncryptionKey key = new EncryptionKey(EncryptionType.DES_CBC_CRC, TESTKEY);
- newCksum = CheckSumHandler.checksumWithKey(testCase.cksumType, plainData, key.getKeyData(), KeyUsage.NONE);
+ CheckSum newCksum = CheckSumHandler.checksumWithKey(testCase.cksumType, plainData, key.getKeyData(), KeyUsage.NONE);
if (CheckSumHandler.verifyWithKey(newCksum, plainData, key.getKeyData(), KeyUsage.NONE)) {
System.err.println("Checksum verifying is OK for " + testCase.cksumType.getName());
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/97d07953/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CmacTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CmacTest.java b/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CmacTest.java
index e210709..f8f7a39 100644
--- a/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CmacTest.java
+++ b/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CmacTest.java
@@ -66,10 +66,9 @@ public class CmacTest {
byte[] key = HexUtil.hex2bytes(keyBytes);
byte[] input = HexUtil.hex2bytes(inputBytes);
EncryptProvider encProvider = new Camellia128Provider();
- byte[] result;
// test 1
- result = Cmac.cmac(encProvider, key, input, 0, 0);
+ byte[] result = Cmac.cmac(encProvider, key, input, 0, 0);
assertThat(result).as("Test 1").isEqualTo(HexUtil.hex2bytes(cmac1));
// test 2