Crypto: Define ElG length constants

core/java/src/net/i2p/crypto/ElGamalEngine.java

@@ -58,6 +58,9 @@ public final class ElGamalEngine {
     private final YKGenerator _ykgen;
 
     private static final BigInteger ELGPM1 = CryptoConstants.elgp.subtract(BigInteger.ONE);
+    private static final int ELG_CLEARTEXT_LENGTH = 222;
+    private static final int ELG_ENCRYPTED_LENGTH = 514;
+    private static final int ELG_HALF_LENGTH = ELG_ENCRYPTED_LENGTH / 2;
 
     
     /** 
@@ -113,8 +116,8 @@ public final class ElGamalEngine {
      *         the cleartext to 222 bytes with random data.
      */
     public byte[] encrypt(byte data[], PublicKey publicKey) {
-        if ((data == null) || (data.length >= 223))
-            throw new IllegalArgumentException("Data to encrypt must be < 223 bytes at the moment");
+        if ((data == null) || (data.length > ELG_CLEARTEXT_LENGTH))
+            throw new IllegalArgumentException("Data to encrypt must be <= 222 bytes");
         if (publicKey == null) throw new IllegalArgumentException("Null public key specified");
 
         long start = _context.clock().now();
@@ -149,11 +152,11 @@ public final class ElGamalEngine {
 
         byte[] ybytes = y.toByteArray();
         byte[] dbytes = d.toByteArray();
-        byte[] out = new byte[514];
-        System.arraycopy(ybytes, 0, out, (ybytes.length < 257 ? 257 - ybytes.length : 0),
-                         (ybytes.length > 257 ? 257 : ybytes.length));
-        System.arraycopy(dbytes, 0, out, (dbytes.length < 257 ? 514 - dbytes.length : 257),
-                         (dbytes.length > 257 ? 257 : dbytes.length));
+        byte[] out = new byte[ELG_ENCRYPTED_LENGTH];
+        System.arraycopy(ybytes, 0, out, (ybytes.length < ELG_HALF_LENGTH ? ELG_HALF_LENGTH - ybytes.length : 0),
+                         (ybytes.length > ELG_HALF_LENGTH ? ELG_HALF_LENGTH : ybytes.length));
+        System.arraycopy(dbytes, 0, out, (dbytes.length < ELG_HALF_LENGTH ? ELG_ENCRYPTED_LENGTH - dbytes.length : ELG_HALF_LENGTH),
+                         (dbytes.length > ELG_HALF_LENGTH ? ELG_HALF_LENGTH : dbytes.length));
         /*
         StringBuilder buf = new StringBuilder(1024);
         buf.append("Timing\n");
@@ -190,18 +193,18 @@ public final class ElGamalEngine {
      * @return unencrypted data or null on failure
      */
     public byte[] decrypt(byte encrypted[], PrivateKey privateKey) {
-        if ((encrypted == null) || (encrypted.length != 514))
-            throw new IllegalArgumentException("Data to decrypt must be exactly 514 bytes");
+        if ((encrypted == null) || (encrypted.length != ELG_ENCRYPTED_LENGTH))
+            throw new IllegalArgumentException("Data to decrypt must be exactly ELG_ENCRYPTED_LENGTH bytes");
         long start = _context.clock().now();
 
         BigInteger a = new NativeBigInteger(1, privateKey.getData());
         BigInteger y1p = ELGPM1.subtract(a);
         // we use this buf first for Y, then for D, then for the hash
-        byte[] buf = SimpleByteCache.acquire(257);
-        System.arraycopy(encrypted, 0, buf, 0, 257);
+        byte[] buf = SimpleByteCache.acquire(ELG_HALF_LENGTH);
+        System.arraycopy(encrypted, 0, buf, 0, ELG_HALF_LENGTH);
         NativeBigInteger y = new NativeBigInteger(1, buf);
         BigInteger ya = y.modPowCT(y1p, CryptoConstants.elgp);
-        System.arraycopy(encrypted, 257, buf, 0, 257);
+        System.arraycopy(encrypted, ELG_HALF_LENGTH, buf, 0, ELG_HALF_LENGTH);
         BigInteger d = new NativeBigInteger(1, buf);
         BigInteger m = ya.multiply(d);
         m = m.mod(CryptoConstants.elgp);

router/java/src/net/i2p/router/crypto/ElGamalAESEngine.java

@@ -42,6 +42,8 @@ public final class ElGamalAESEngine {
     private final I2PAppContext _context;
     /** enforced since release 0.6 */
     public static final int MAX_TAGS_RECEIVED = 200;
+    private static final int ELG_CLEARTEXT_LENGTH = 222;
+    private static final int ELG_ENCRYPTED_LENGTH = 514;
 
     public ElGamalAESEngine(I2PAppContext ctx) {
         _context = ctx;
@@ -178,15 +180,15 @@ public final class ElGamalAESEngine {
         if (data == null) {
             //if (_log.shouldLog(Log.WARN)) _log.warn("Data is null, unable to decrypt new session");
             return null;
-        } else if (data.length < 514) {
+        } else if (data.length < ELG_ENCRYPTED_LENGTH) {
             //if (_log.shouldLog(Log.WARN)) _log.warn("Data length is too small (" + data.length + ")");
             return null;
         }
-        byte elgEncr[] = new byte[514];
-        if (data.length > 514) {
-            System.arraycopy(data, 0, elgEncr, 0, 514);
+        byte elgEncr[] = new byte[ELG_ENCRYPTED_LENGTH];
+        if (data.length > ELG_ENCRYPTED_LENGTH) {
+            System.arraycopy(data, 0, elgEncr, 0, ELG_ENCRYPTED_LENGTH);
         } else {
-            System.arraycopy(data, 0, elgEncr, 514 - data.length, data.length);
+            System.arraycopy(data, 0, elgEncr, ELG_ENCRYPTED_LENGTH - data.length, data.length);
         }
         byte elgDecr[] = _context.elGamalEngine().decrypt(elgEncr, targetPrivateKey);
         if (elgDecr == null) {
@@ -217,7 +219,8 @@ public final class ElGamalAESEngine {
         // feed the extra bytes into the PRNG
         _context.random().harvester().feedEntropy("ElG/AES", elgDecr, offset, elgDecr.length - offset); 
 
-        byte aesDecr[] = decryptAESBlock(data, 514, data.length-514, usedKey, iv, null, foundTags, foundKey);
+        byte aesDecr[] = decryptAESBlock(data, ELG_ENCRYPTED_LENGTH, data.length - ELG_ENCRYPTED_LENGTH,
+                                         usedKey, iv, null, foundTags, foundKey);
         SimpleByteCache.release(iv);
 
         //if (_log.shouldLog(Log.DEBUG))
@@ -508,10 +511,10 @@ public final class ElGamalAESEngine {
     private byte[] encryptNewSession(byte data[], PublicKey target, SessionKey key, Set<SessionTag> tagsForDelivery,
                                     SessionKey newKey, long paddedSize) {
         //_log.debug("Encrypting to a NEW session");
-        byte elgSrcData[] = new byte[SessionKey.KEYSIZE_BYTES+32+158];
+        byte elgSrcData[] = new byte[ELG_CLEARTEXT_LENGTH];
         System.arraycopy(key.getData(), 0, elgSrcData, 0, SessionKey.KEYSIZE_BYTES);
         // get both the preIV and the padding at once, then copy to the preIV array
-        _context.random().nextBytes(elgSrcData, SessionKey.KEYSIZE_BYTES, 32 + 158);
+        _context.random().nextBytes(elgSrcData, SessionKey.KEYSIZE_BYTES, ELG_CLEARTEXT_LENGTH - SessionKey.KEYSIZE_BYTES);
         byte preIV[] = SimpleByteCache.acquire(32);
         System.arraycopy(elgSrcData, SessionKey.KEYSIZE_BYTES, preIV, 0, 32);
 
@@ -523,9 +526,9 @@ public final class ElGamalAESEngine {
             long after = _context.clock().now();
             _log.info("elgEngine.encrypt of the session key took " + (after - before) + "ms");
         }
-        if (elgEncr.length < 514) {
+        if (elgEncr.length < ELG_ENCRYPTED_LENGTH) {
             // ??? ElGamalEngine.encrypt() always returns 514 bytes
-            byte elg[] = new byte[514];
+            byte elg[] = new byte[ELG_ENCRYPTED_LENGTH];
             int diff = elg.length - elgEncr.length;
             //if (_log.shouldLog(Log.DEBUG)) _log.debug("Difference in size: " + diff);
             System.arraycopy(elgEncr, 0, elg, diff, elgEncr.length);