1
/*
2
 * Copyright (c) 1997, 2020, Oracle and/or its affiliates. All rights reserved.
3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4
 *
5
 * This code is free software; you can redistribute it and/or modify it
6
 * under the terms of the GNU General Public License version 2 only, as
7
 * published by the Free Software Foundation.  Oracle designates this
8
 * particular file as subject to the "Classpath" exception as provided
9
 * by Oracle in the LICENSE file that accompanied this code.
10
 *
11
 * This code is distributed in the hope that it will be useful, but WITHOUT
12
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
14
 * version 2 for more details (a copy is included in the LICENSE file that
15
 * accompanied this code).
16
 *
17
 * You should have received a copy of the GNU General Public License version
18
 * 2 along with this work; if not, write to the Free Software Foundation,
19
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20
 *
21
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22
 * or visit www.oracle.com if you need additional information or have any
23
 * questions.
24
 */
25

26
package javax.crypto;
27

28
import java.io.*;
29

30
/**
31
 * A CipherOutputStream is composed of an OutputStream and a Cipher so
32
 * that write() methods first process the data before writing them out
33
 * to the underlying OutputStream.  The cipher must be fully
34
 * initialized before being used by a CipherOutputStream.
35
 *
36
 * <p> For example, if the cipher is initialized for encryption, the
37
 * CipherOutputStream will attempt to encrypt data before writing out the
38
 * encrypted data.
39
 *
40
 * <p> This class adheres strictly to the semantics, especially the
41
 * failure semantics, of its ancestor classes
42
 * java.io.OutputStream and java.io.FilterOutputStream.  This class
43
 * has exactly those methods specified in its ancestor classes, and
44
 * overrides them all.  Moreover, this class catches all exceptions
45
 * that are not thrown by its ancestor classes. In particular, this
46
 * class catches BadPaddingException and other exceptions thrown by
47
 * failed integrity checks during decryption. These exceptions are not
48
 * re-thrown, so the client will not be informed that integrity checks
49
 * failed. Because of this behavior, this class may not be suitable
50
 * for use with decryption in an authenticated mode of operation (e.g. GCM)
51
 * if the application requires explicit notification when authentication
52
 * fails. Such an application can use the Cipher API directly as an
53
 * alternative to using this class.
54
 *
55
 * <p> It is crucial for a programmer using this class not to use
56
 * methods that are not defined or overridden in this class (such as a
57
 * new method or constructor that is later added to one of the super
58
 * classes), because the design and implementation of those methods
59
 * are unlikely to have considered security impact with regard to
60
 * CipherOutputStream.
61
 *
62
 * @author  Li Gong
63
 * @see     java.io.OutputStream
64
 * @see     java.io.FilterOutputStream
65
 * @see     javax.crypto.Cipher
66
 * @see     javax.crypto.CipherInputStream
67
 *
68
 * @since 1.4
69
 */
70

71
public class CipherOutputStream extends FilterOutputStream {
72

73
    // the cipher engine to use to process stream data
74
    private Cipher cipher;
75

76
    // the underlying output stream
77
    private OutputStream output;
78

79
    /* the buffer holding one byte of incoming data */
80
    private byte[] ibuffer = new byte[1];
81

82
    // the buffer holding data ready to be written out
83
    private byte[] obuffer = null;
84

85
    // stream status
86
    private boolean closed = false;
87

88
    /**
89
     * Ensure obuffer is big enough for the next update or doFinal
90
     * operation, given the input length <code>inLen</code> (in bytes)
91
     *
92
     * @param inLen the input length (in bytes)
93
     */
94
    private void ensureCapacity(int inLen) {
95
        int minLen = cipher.getOutputSize(inLen);
96
        if (obuffer == null || obuffer.length < minLen) {
97
            obuffer = new byte[minLen];
98
        }
99
    }
100

101
    /**
102
     *
103
     * Constructs a CipherOutputStream from an OutputStream and a
104
     * Cipher.
105
     * <br>Note: if the specified output stream or cipher is
106
     * null, a NullPointerException may be thrown later when
107
     * they are used.
108
     *
109
     * @param os  the OutputStream object
110
     * @param c   an initialized Cipher object
111
     */
112
    public CipherOutputStream(OutputStream os, Cipher c) {
113
        super(os);
114
        output = os;
115
        cipher = c;
116
    };
117

118
    /**
119
     * Constructs a CipherOutputStream from an OutputStream without
120
     * specifying a Cipher. This has the effect of constructing a
121
     * CipherOutputStream using a NullCipher.
122
     * <br>Note: if the specified output stream is null, a
123
     * NullPointerException may be thrown later when it is used.
124
     *
125
     * @param os  the OutputStream object
126
     */
127
    protected CipherOutputStream(OutputStream os) {
128
        super(os);
129
        output = os;
130
        cipher = new NullCipher();
131
    }
132

133
    /**
134
     * Writes the specified byte to this output stream.
135
     *
136
     * @param      b   the <code>byte</code>.
137
     * @exception  IOException  if an I/O error occurs.
138
     */
139
    @Override
140
    public void write(int b) throws IOException {
141
        ibuffer[0] = (byte) b;
142
        ensureCapacity(1);
143
        try {
144
            int ostored = cipher.update(ibuffer, 0, 1, obuffer);
145
            if (ostored > 0) {
146
                output.write(obuffer, 0, ostored);
147
            }
148
        } catch (ShortBufferException sbe) {
149
            // should never happen; re-throw just in case
150
            throw new IOException(sbe);
151
        }
152
    };
153

154
    /**
155
     * Writes <code>b.length</code> bytes from the specified byte array
156
     * to this output stream.
157
     * <p>
158
     * The <code>write</code> method of
159
     * <code>CipherOutputStream</code> calls the <code>write</code>
160
     * method of three arguments with the three arguments
161
     * <code>b</code>, <code>0</code>, and <code>b.length</code>.
162
     *
163
     * @param      b   the data.
164
     * @exception  NullPointerException if <code>b</code> is null.
165
     * @exception  IOException  if an I/O error occurs.
166
     * @see        javax.crypto.CipherOutputStream#write(byte[], int, int)
167
     */
168
    @Override
169
    public void write(byte b[]) throws IOException {
170
        write(b, 0, b.length);
171
    }
172

173
    /**
174
     * Writes <code>len</code> bytes from the specified byte array
175
     * starting at offset <code>off</code> to this output stream.
176
     *
177
     * @param      b     the data.
178
     * @param      off   the start offset in the data.
179
     * @param      len   the number of bytes to write.
180
     * @exception  IOException  if an I/O error occurs.
181
     */
182
    @Override
183
    public void write(byte b[], int off, int len) throws IOException {
184
        ensureCapacity(len);
185
        try {
186
            int ostored = cipher.update(b, off, len, obuffer);
187
            if (ostored > 0) {
188
                output.write(obuffer, 0, ostored);
189
            }
190
        } catch (ShortBufferException e) {
191
            // should never happen; re-throw just in case
192
            throw new IOException(e);
193
        }
194
    }
195

196
    /**
197
     * Flushes this output stream by forcing any buffered output bytes
198
     * that have already been processed by the encapsulated cipher object
199
     * to be written out.
200
     *
201
     * <p>Any bytes buffered by the encapsulated cipher
202
     * and waiting to be processed by it will not be written out. For example,
203
     * if the encapsulated cipher is a block cipher, and the total number of
204
     * bytes written using one of the <code>write</code> methods is less than
205
     * the cipher's block size, no bytes will be written out.
206
     *
207
     * @exception  IOException  if an I/O error occurs.
208
     */
209
    @Override
210
    public void flush() throws IOException {
211
        // simply call output.flush() since 'obuffer' content is always
212
        // written out immediately
213
        output.flush();
214
    }
215

216
    /**
217
     * Closes this output stream and releases any system resources
218
     * associated with this stream.
219
     * <p>
220
     * This method invokes the <code>doFinal</code> method of the encapsulated
221
     * cipher object, which causes any bytes buffered by the encapsulated
222
     * cipher to be processed. The result is written out by calling the
223
     * <code>flush</code> method of this output stream.
224
     * <p>
225
     * This method resets the encapsulated cipher object to its initial state
226
     * and calls the <code>close</code> method of the underlying output
227
     * stream.
228
     *
229
     * @exception  IOException  if an I/O error occurs.
230
     */
231
    @Override
232
    public void close() throws IOException {
233
        if (closed) {
234
            return;
235
        }
236

237
        closed = true;
238
        ensureCapacity(0);
239
        try {
240
            int ostored = cipher.doFinal(obuffer, 0);
241
            if (ostored > 0) {
242
                output.write(obuffer, 0, ostored);
243
            }
244
        } catch (IllegalBlockSizeException | BadPaddingException
245
                | ShortBufferException e) {
246
        }
247
        obuffer = null;
248
        try {
249
            flush();
250
        } catch (IOException ignored) {}
251
        output.close();
252
    }
253
}
254

255