Java 类org.bouncycastle.crypto.engines.DESEngine 实例源码

private byte[] encryptDESFile(String keys, byte[] plainText) {
BlockCipher engine = new DESEngine();

      byte[] key = keys.getBytes();
      byte[] ptBytes = plainText;
      BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(engine));
      cipher.init(true, new KeyParameter(key));
      byte[] rv = new byte[cipher.getOutputSize(ptBytes.length)];
      int tam = cipher.processBytes(ptBytes, 0, ptBytes.length, rv, 0);
      try {
          cipher.doFinal(rv, tam);
      } catch (Exception ce) {
          ce.printStackTrace();
      }
      return rv;
  }

/**
 * create a standard MAC based on a block cipher with the size of the
 * MAC been given in bits. This class uses single DES CBC mode as the basis for the
 * MAC generation. The final block is decrypted and then encrypted using the
 * middle and right part of the key.
 * <p>
 * Note: the size of the MAC must be at least 24 bits (FIPS Publication 81),
 * or 16 bits if being used as a data authenticator (FIPS Publication 113),
 * and in general should be less than the size of the block cipher as it reduces
 * the chance of an exhaustive attack (see Handbook of Applied Cryptography).
 *
 * @param cipher the cipher to be used as the basis of the MAC generation.
 * @param macSizeInBits the size of the MAC in bits, must be a multiple of 8.
 * @param padding the padding to be used to complete the last block.
 */
public ISO9797Alg3Mac(
    BlockCipher         cipher,
    int                 macSizeInBits,
    BlockCipherPadding  padding)
{
    if ((macSizeInBits % 8) != 0)
    {
        throw new IllegalArgumentException("MAC size must be multiple of 8");
    }

    if (!(cipher instanceof DESEngine))
    {
        throw new IllegalArgumentException("cipher must be instance of DESEngine");
    }

    this.cipher = new CBCBlockCipher(cipher);
    this.padding = padding;
    this.macSize = macSizeInBits / 8;

    mac = new byte[cipher.getBlockSize()];

    buf = new byte[cipher.getBlockSize()];
    bufOff = 0;
}

static Wrapper createRFC3211Wrapper(ASN1ObjectIdentifier algorithm)
    throws CMSException
{
    if (NISTObjectIdentifiers.id_aes128_CBC.equals(algorithm)
        || NISTObjectIdentifiers.id_aes192_CBC.equals(algorithm)
        || NISTObjectIdentifiers.id_aes256_CBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new AESEngine());
    }
    else if (PKCSObjectIdentifiers.des_EDE3_CBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new DESedeEngine());
    }
    else if (OIWObjectIdentifiers.desCBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new DESEngine());
    }
    else if (PKCSObjectIdentifiers.RC2_CBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new RC2Engine());
    }
    else
    {
        throw new CMSException("cannot recognise wrapper: " + algorithm);
    }
}

/**
 * create a standard MAC based on a block cipher with the size of the
 * MAC been given in bits. This class uses single DES CBC mode as the basis for the
 * MAC generation. The final block is decrypted and then encrypted using the
 * middle and right part of the key.
 * <p>
 * Note: the size of the MAC must be at least 24 bits (FIPS Publication 81),
 * or 16 bits if being used as a data authenticator (FIPS Publication 113),
 * and in general should be less than the size of the block cipher as it reduces
 * the chance of an exhaustive attack (see Handbook of Applied Cryptography).
 *
 * @param cipher the cipher to be used as the basis of the MAC generation.
 * @param macSizeInBits the size of the MAC in bits, must be a multiple of 8.
 * @param padding the padding to be used to complete the last block.
 */
public ISO9797Alg3Mac(
    BlockCipher         cipher,
    int                 macSizeInBits,
    BlockCipherPadding  padding)
{
    if ((macSizeInBits % 8) != 0)
    {
        throw new IllegalArgumentException("MAC size must be multiple of 8");
    }

    if (!(cipher instanceof DESEngine))
    {
        throw new IllegalArgumentException("cipher must be instance of DESEngine");
    }

    this.cipher = new CBCBlockCipher(cipher);
    this.padding = padding;
    this.macSize = macSizeInBits / 8;

    mac = new byte[cipher.getBlockSize()];

    buf = new byte[cipher.getBlockSize()];
    bufOff = 0;
}

static Wrapper createRFC3211Wrapper(ASN1ObjectIdentifier algorithm)
    throws CMSException
{
    if (NISTObjectIdentifiers.id_aes128_CBC.equals(algorithm)
        || NISTObjectIdentifiers.id_aes192_CBC.equals(algorithm)
        || NISTObjectIdentifiers.id_aes256_CBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new AESEngine());
    }
    else if (PKCSObjectIdentifiers.des_EDE3_CBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new DESedeEngine());
    }
    else if (OIWObjectIdentifiers.desCBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new DESEngine());
    }
    else if (PKCSObjectIdentifiers.RC2_CBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new RC2Engine());
    }
    else
    {
        throw new CMSException("cannot recognise wrapper: " + algorithm);
    }
}

private void encryptBlock(byte[] key, byte[] iv, byte[] cekBlock)
{
    BlockCipher engine = new CBCBlockCipher(new DESEngine());

    engine.init(true, new ParametersWithIV(new KeyParameter(key), iv));

    for (int i = 0; i < cekBlock.length; i += 8)
    {
        engine.processBlock(cekBlock, i, cekBlock, i);
    }

    for (int i = 0; i < cekBlock.length; i += 8)
    {
        engine.processBlock(cekBlock, i, cekBlock, i);
    }
}

private static void initBlockCipherEngines() {
    blockCipherEngines.put("MARS", MarsEngine.class);
    blockCipherEngines.put("AES", AESEngine.class);
    blockCipherEngines.put("Blowfish", BlowfishEngine.class);
    blockCipherEngines.put("Camellia", CamelliaEngine.class);
    blockCipherEngines.put("CAST5", CAST5Engine.class);
    blockCipherEngines.put("CAST6", CAST6Engine.class);
    blockCipherEngines.put("DESede", DESedeEngine.class);
    blockCipherEngines.put("DES", DESEngine.class);
    blockCipherEngines.put("GOST28147", GOST28147Engine.class);
    blockCipherEngines.put("IDEA", IDEAEngine.class);
    blockCipherEngines.put("Noekeon", NoekeonEngine.class);
    blockCipherEngines.put("RC2", RC2Engine.class);
    blockCipherEngines.put("RC5", RC532Engine.class);
    blockCipherEngines.put("RC6", RC6Engine.class);
    blockCipherEngines.put("SEED", SEEDEngine.class);
    blockCipherEngines.put("Serpent", SerpentEngine.class);
    blockCipherEngines.put("Shacal2", Shacal2Engine.class);
    blockCipherEngines.put("Skipjack", SkipjackEngine.class);
    blockCipherEngines.put("SM4", SM4Engine.class);
    blockCipherEngines.put("TEA", TEAEngine.class);
    blockCipherEngines.put("Twofish", TwofishEngine.class);
    blockCipherEngines.put("XTEA", XTEAEngine.class);
    blockCipherEngines.put("Threefish", ThreefishEngine.class);
}

/**
 * create a standard MAC based on a block cipher with the size of the
 * MAC been given in bits. This class uses single DES CBC mode as the basis for the
 * MAC generation. The final block is decrypted and then encrypted using the
 * middle and right part of the key.
 * <p>
 * Note: the size of the MAC must be at least 24 bits (FIPS Publication 81),
 * or 16 bits if being used as a data authenticator (FIPS Publication 113),
 * and in general should be less than the size of the block cipher as it reduces
 * the chance of an exhaustive attack (see Handbook of Applied Cryptography).
 *
 * @param cipher the cipher to be used as the basis of the MAC generation.
 * @param macSizeInBits the size of the MAC in bits, must be a multiple of 8.
 * @param padding the padding to be used to complete the last block.
 */
public ISO9797Alg3Mac(
    BlockCipher         cipher,
    int                 macSizeInBits,
    BlockCipherPadding  padding)
{
    if ((macSizeInBits % 8) != 0)
    {
        throw new IllegalArgumentException("MAC size must be multiple of 8");
    }

    if (!(cipher instanceof DESEngine))
    {
        throw new IllegalArgumentException("cipher must be instance of DESEngine");
    }

    this.cipher = new CBCBlockCipher(cipher);
    this.padding = padding;
    this.macSize = macSizeInBits / 8;

    mac = new byte[cipher.getBlockSize()];

    buf = new byte[cipher.getBlockSize()];
    bufOff = 0;
}

static Wrapper createRFC3211Wrapper(ASN1ObjectIdentifier algorithm)
    throws CMSException
{
    if (NISTObjectIdentifiers.id_aes128_CBC.equals(algorithm)
        || NISTObjectIdentifiers.id_aes192_CBC.equals(algorithm)
        || NISTObjectIdentifiers.id_aes256_CBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new AESEngine());
    }
    else if (PKCSObjectIdentifiers.des_EDE3_CBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new DESedeEngine());
    }
    else if (OIWObjectIdentifiers.desCBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new DESEngine());
    }
    else if (PKCSObjectIdentifiers.RC2_CBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new RC2Engine());
    }
    else
    {
        throw new CMSException("cannot recognise wrapper: " + algorithm);
    }
}

/**
 * create a standard MAC based on a block cipher with the size of the
 * MAC been given in bits. This class uses single DES CBC mode as the basis for the
 * MAC generation. The final block is decrypted and then encrypted using the
 * middle and right part of the key.
 * <p>
 * Note: the size of the MAC must be at least 24 bits (FIPS Publication 81),
 * or 16 bits if being used as a data authenticator (FIPS Publication 113),
 * and in general should be less than the size of the block cipher as it reduces
 * the chance of an exhaustive attack (see Handbook of Applied Cryptography).
 *
 * @param cipher the cipher to be used as the basis of the MAC generation.
 * @param macSizeInBits the size of the MAC in bits, must be a multiple of 8.
 * @param padding the padding to be used to complete the last block.
 */
public ISO9797Alg3Mac(
    BlockCipher         cipher,
    int                 macSizeInBits,
    BlockCipherPadding  padding)
{
    if ((macSizeInBits % 8) != 0)
    {
        throw new IllegalArgumentException("MAC size must be multiple of 8");
    }

    if (!(cipher instanceof DESEngine))
    {
        throw new IllegalArgumentException("cipher must be instance of DESEngine");
    }

    this.cipher = new CBCBlockCipher(cipher);
    this.padding = padding;
    this.macSize = macSizeInBits / 8;

    mac = new byte[cipher.getBlockSize()];

    buf = new byte[cipher.getBlockSize()];
    bufOff = 0;
}

/**
 * create a standard MAC based on a block cipher with the size of the
 * MAC been given in bits. This class uses single DES CBC mode as the basis for the
 * MAC generation. The final block is decrypted and then encrypted using the
 * middle and right part of the key.
 * <p>
 * Note: the size of the MAC must be at least 24 bits (FIPS Publication 81),
 * or 16 bits if being used as a data authenticator (FIPS Publication 113),
 * and in general should be less than the size of the block cipher as it reduces
 * the chance of an exhaustive attack (see Handbook of Applied Cryptography).
 *
 * @param cipher the cipher to be used as the basis of the MAC generation.
 * @param macSizeInBits the size of the MAC in bits, must be a multiple of 8.
 * @param padding the padding to be used to complete the last block.
 */
public ISO9797Alg3Mac(
    BlockCipher         cipher,
    int                 macSizeInBits,
    BlockCipherPadding  padding)
{
    if ((macSizeInBits % 8) != 0)
    {
        throw new IllegalArgumentException("MAC size must be multiple of 8");
    }

    if (!(cipher instanceof DESEngine))
    {
        throw new IllegalArgumentException("cipher must be instance of DESEngine");
    }

    this.cipher = new CBCBlockCipher(cipher);
    this.padding = padding;
    this.macSize = macSizeInBits / 8;

    mac = new byte[cipher.getBlockSize()];

    buf = new byte[cipher.getBlockSize()];
    bufOff = 0;
}

public String decipher(byte[] key, String cipherText) throws InvalidCipherTextException {
    PaddedBufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new DESEngine()));
    cipher.init(false, new KeyParameter(Hex.decode(key)));
    byte[] cipherTextBytes = java.util.Base64.getDecoder().decode(cipherText);

    byte[] plainTextBytes = new byte[cipher.getOutputSize(cipherTextBytes.length)];
    int outputLength = cipher.processBytes(cipherTextBytes, 0, cipherTextBytes.length, plainTextBytes, 0);
    cipher.doFinal(plainTextBytes, outputLength);
    int paddingStarts = plainTextBytes.length - 1;
    for (; paddingStarts >= 0 ; paddingStarts--) {
        if (plainTextBytes[paddingStarts] != 0) {
            break;
        }
    }
    return new String(plainTextBytes, 0, paddingStarts + 1);
}

static Wrapper createRFC3211Wrapper(ASN1ObjectIdentifier algorithm)
    throws CMSException
{
    if (NISTObjectIdentifiers.id_aes128_CBC.equals(algorithm)
        || NISTObjectIdentifiers.id_aes192_CBC.equals(algorithm)
        || NISTObjectIdentifiers.id_aes256_CBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new AESEngine());
    }
    else if (PKCSObjectIdentifiers.des_EDE3_CBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new DESedeEngine());
    }
    else if (OIWObjectIdentifiers.desCBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new DESEngine());
    }
    else if (PKCSObjectIdentifiers.RC2_CBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new RC2Engine());
    }
    else
    {
        throw new CMSException("cannot recognise wrapper: " + algorithm);
    }
}

/**
 * create a standard MAC based on a block cipher with the size of the
 * MAC been given in bits. This class uses single DES CBC mode as the basis for the
 * MAC generation. The final block is decrypted and then encrypted using the
 * middle and right part of the key.
 * <p>
 * Note: the size of the MAC must be at least 24 bits (FIPS Publication 81),
 * or 16 bits if being used as a data authenticator (FIPS Publication 113),
 * and in general should be less than the size of the block cipher as it reduces
 * the chance of an exhaustive attack (see Handbook of Applied Cryptography).
 *
 * @param cipher the cipher to be used as the basis of the MAC generation.
 * @param macSizeInBits the size of the MAC in bits, must be a multiple of 8.
 * @param padding the padding to be used to complete the last block.
 */
public ISO9797Alg3Mac(
    BlockCipher         cipher,
    int                 macSizeInBits,
    BlockCipherPadding  padding)
{
    if ((macSizeInBits % 8) != 0)
    {
        throw new IllegalArgumentException("MAC size must be multiple of 8");
    }

    if (!(cipher instanceof DESEngine))
    {
        throw new IllegalArgumentException("cipher must be instance of DESEngine");
    }

    this.cipher = new CBCBlockCipher(cipher);
    this.padding = padding;
    this.macSize = macSizeInBits / 8;

    mac = new byte[cipher.getBlockSize()];

    buf = new byte[cipher.getBlockSize()];
    bufOff = 0;
}

private void encryptBlock(byte[] key, byte[] iv, byte[] cekBlock)
{
    BlockCipher engine = new CBCBlockCipher(new DESEngine());

    engine.init(true, new ParametersWithIV(new KeyParameter(key), iv));

    for (int i = 0; i < cekBlock.length; i += 8)
    {
        engine.processBlock(cekBlock, i, cekBlock, i);
    }

    for (int i = 0; i < cekBlock.length; i += 8)
    {
        engine.processBlock(cekBlock, i, cekBlock, i);
    }
}

static Wrapper createRFC3211Wrapper(ASN1ObjectIdentifier algorithm)
    throws CMSException
{
    if (NISTObjectIdentifiers.id_aes128_CBC.equals(algorithm)
        || NISTObjectIdentifiers.id_aes192_CBC.equals(algorithm)
        || NISTObjectIdentifiers.id_aes256_CBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new AESEngine());
    }
    else if (PKCSObjectIdentifiers.des_EDE3_CBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new DESedeEngine());
    }
    else if (OIWObjectIdentifiers.desCBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new DESEngine());
    }
    else if (PKCSObjectIdentifiers.RC2_CBC.equals(algorithm))
    {
        return new RFC3211WrapEngine(new RC2Engine());
    }
    else
    {
        throw new CMSException("cannot recognise wrapper: " + algorithm);
    }
}

/**
 * create a standard MAC based on a block cipher with the size of the
 * MAC been given in bits. This class uses single DES CBC mode as the basis for the
 * MAC generation. The final block is decrypted and then encrypted using the
 * middle and right part of the key.
 * <p>
 * Note: the size of the MAC must be at least 24 bits (FIPS Publication 81),
 * or 16 bits if being used as a data authenticator (FIPS Publication 113),
 * and in general should be less than the size of the block cipher as it reduces
 * the chance of an exhaustive attack (see Handbook of Applied Cryptography).
 *
 * @param cipher the cipher to be used as the basis of the MAC generation.
 * @param macSizeInBits the size of the MAC in bits, must be a multiple of 8.
 * @param padding the padding to be used to complete the last block.
 */
public ISO9797Alg3Mac(
    BlockCipher         cipher,
    int                 macSizeInBits,
    BlockCipherPadding  padding)
{
    if ((macSizeInBits % 8) != 0)
    {
        throw new IllegalArgumentException("MAC size must be multiple of 8");
    }

    if (!(cipher instanceof DESEngine))
    {
        throw new IllegalArgumentException("cipher must be instance of DESEngine");
    }

    this.cipher = new CBCBlockCipher(cipher);
    this.padding = padding;
    this.macSize = macSizeInBits / 8;

    mac = new byte[cipher.getBlockSize()];

    buf = new byte[cipher.getBlockSize()];
    bufOff = 0;
}

private void encryptBlock(byte[] key, byte[] iv, byte[] cekBlock)
{
    BlockCipher engine = new CBCBlockCipher(new DESEngine());

    engine.init(true, new ParametersWithIV(new KeyParameter(key), iv));

    for (int i = 0; i < cekBlock.length; i += 8)
    {
        engine.processBlock(cekBlock, i, cekBlock, i);
    }

    for (int i = 0; i < cekBlock.length; i += 8)
    {
        engine.processBlock(cekBlock, i, cekBlock, i);
    }
}

public byte[] decryptDESFile(String key, byte[] cipherText) {
BlockCipher engine = new DESEngine();
      byte[] bytes = key.getBytes();
      BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(engine));
      cipher.init(false, new KeyParameter(bytes));
      byte[] rv = new byte[cipher.getOutputSize(cipherText.length)];
      int tam = cipher.processBytes(cipherText, 0, cipherText.length, rv, 0);
      try {
          cipher.doFinal(rv, tam);
      } catch (Exception ce) {
          ce.printStackTrace();
      }
      return rv;
  }

private void testOutputSizes()
{
    PaddedBufferedBlockCipher bc = new PaddedBufferedBlockCipher(new DESEngine(), new PKCS7Padding());
    KeyParameter key = new KeyParameter(Hex.decode("0011223344556677"));

    for (int i = 0; i < bc.getBlockSize() * 2; i++)
    {
        bc.init(true, key);
        if (bc.getUpdateOutputSize(i) < 0)
        {
            fail("Padded cipher encrypt negative update output size for input size " + i);
        }
        if (bc.getOutputSize(i) < 0)
        {
            fail("Padded cipher encrypt negative output size for input size " + i);
        }

        bc.init(false, key);
        if (bc.getUpdateOutputSize(i) < 0)
        {
            fail("Padded cipher decrypt negative update output size for input size " + i);
        }
        if (bc.getOutputSize(i) < 0)
        {
            fail("Padded cipher decrypt negative output size for input size " + i);
        }

    }
}

private void performTests()
    throws Exception
{
    testModes(new BlowfishEngine(), new BlowfishEngine(), 16);
    testModes(new DESEngine(), new DESEngine(), 8);
    testModes(new DESedeEngine(), new DESedeEngine(), 24);
    testModes(new TEAEngine(), new TEAEngine(), 16);
    testModes(new CAST5Engine(), new CAST5Engine(), 16);
    testModes(new RC2Engine(), new RC2Engine(), 16);
    testModes(new XTEAEngine(), new XTEAEngine(), 16);

    testModes(new AESEngine(), new AESEngine(), 16);
    testModes(new NoekeonEngine(), new NoekeonEngine(), 16);
    testModes(new TwofishEngine(), new TwofishEngine(), 16);
    testModes(new CAST6Engine(), new CAST6Engine(), 16);
    testModes(new SEEDEngine(), new SEEDEngine(), 16);
    testModes(new SerpentEngine(), new SerpentEngine(), 16);
    testModes(new RC6Engine(), new RC6Engine(), 16);
    testModes(new CamelliaEngine(), new CamelliaEngine(), 16);
    testModes(new ThreefishEngine(ThreefishEngine.BLOCKSIZE_512),
        new ThreefishEngine(ThreefishEngine.BLOCKSIZE_512), 64);

    testMode(new RC4Engine(), new KeyParameter(new byte[16]));
    testMode(new Salsa20Engine(), new ParametersWithIV(new KeyParameter(new byte[16]), new byte[8]));
    testMode(new XSalsa20Engine(), new ParametersWithIV(new KeyParameter(new byte[32]), new byte[24]));
    testMode(new ChaChaEngine(), new ParametersWithIV(new KeyParameter(new byte[16]), new byte[8]));
    testMode(new Grainv1Engine(), new ParametersWithIV(new KeyParameter(new byte[16]), new byte[8]));
    testMode(new Grain128Engine(), new ParametersWithIV(new KeyParameter(new byte[16]), new byte[12]));
    testMode(new HC128Engine(), new KeyParameter(new byte[16]));
    testMode(new HC256Engine(), new ParametersWithIV(new KeyParameter(new byte[16]), new byte[16]));

    testSkipping(new Salsa20Engine(), new ParametersWithIV(new KeyParameter(new byte[16]), new byte[8]));
    testSkipping(new SICBlockCipher(new AESEngine()), new ParametersWithIV(new KeyParameter(new byte[16]), new byte[16]));
}

private void testCorruption()
    throws InvalidCipherTextException
{
    byte[] kek = Hex.decode("D1DAA78615F287E6");
    byte[] iv = Hex.decode("EFE598EF21B33D6D");

    Wrapper wrapper = new RFC3211WrapEngine(new DESEngine());

    wrapper.init(false, new ParametersWithIV(new KeyParameter(kek), iv));

    byte[] block = Hex.decode("ff739D838C627C897323A2F8C436F541");
    encryptBlock(kek, iv, block);

    try
    {
        wrapper.unwrap(block, 0, block.length);

        fail("bad length not detected");
    }
    catch (InvalidCipherTextException e)
    {
        if (!e.getMessage().equals("wrapped key corrupted"))
        {
            fail("wrong exception on length");
        }
    }

    block = Hex.decode("08639D838C627C897323A2F8C436F541");
    testChecksum(kek, iv, block, wrapper);

    block = Hex.decode("08736D838C627C897323A2F8C436F541");
    testChecksum(kek, iv, block, wrapper);

    block = Hex.decode("08739D638C627C897323A2F8C436F541");
    testChecksum(kek, iv, block, wrapper);
}

@Test(expected = IllegalArgumentException.class)
public void testInvalidCipher() {
    new SivMode(new BlockCipherFactory() {

        @Override
        public BlockCipher create() {
            return new DESEngine(); // wrong block size
        }
    });
}

@Override
public byte[] getMAC(byte[] key, byte[] data) {
    BlockCipher cipher = new DESEngine();
    Mac mac = new ISO9797Alg3Mac(cipher, 64, new ISO7816d4Padding());

    KeyParameter keyP = new KeyParameter(key);
    mac.init(keyP);
    mac.update(data, 0, data.length);

    byte[] out = new byte[8];

    mac.doFinal(out, 0);

    return out;
}

private void testCorruption()
    throws InvalidCipherTextException
{
    byte[] kek = Hex.decode("D1DAA78615F287E6");
    byte[] iv = Hex.decode("EFE598EF21B33D6D");

    Wrapper wrapper = new RFC3211WrapEngine(new DESEngine());

    wrapper.init(false, new ParametersWithIV(new KeyParameter(kek), iv));

    byte[] block = Hex.decode("ff739D838C627C897323A2F8C436F541");
    encryptBlock(kek, iv, block);

    try
    {
        wrapper.unwrap(block, 0, block.length);

        fail("bad length not detected");
    }
    catch (InvalidCipherTextException e)
    {
        if (!e.getMessage().equals("wrapped key corrupted"))
        {
            fail("wrong exception on length");
        }
    }

    block = Hex.decode("08639D838C627C897323A2F8C436F541");
    testChecksum(kek, iv, block, wrapper);

    block = Hex.decode("08736D838C627C897323A2F8C436F541");
    testChecksum(kek, iv, block, wrapper);

    block = Hex.decode("08739D638C627C897323A2F8C436F541");
    testChecksum(kek, iv, block, wrapper);
}

private void testCorruption()
    throws InvalidCipherTextException
{
    byte[] kek = Hex.decode("D1DAA78615F287E6");
    byte[] iv = Hex.decode("EFE598EF21B33D6D");

    Wrapper wrapper = new RFC3211WrapEngine(new DESEngine());

    wrapper.init(false, new ParametersWithIV(new KeyParameter(kek), iv));

    byte[] block = Hex.decode("ff739D838C627C897323A2F8C436F541");
    encryptBlock(kek, iv, block);

    try
    {
        wrapper.unwrap(block, 0, block.length);

        fail("bad length not detected");
    }
    catch (InvalidCipherTextException e)
    {
        if (!e.getMessage().equals("wrapped key corrupted"))
        {
            fail("wrong exception on length");
        }
    }

    block = Hex.decode("08639D838C627C897323A2F8C436F541");
    testChecksum(kek, iv, block, wrapper);

    block = Hex.decode("08736D838C627C897323A2F8C436F541");
    testChecksum(kek, iv, block, wrapper);

    block = Hex.decode("08739D638C627C897323A2F8C436F541");
    testChecksum(kek, iv, block, wrapper);
}

public DES_CFB8()
{
    super(new CFBBlockCipher(new DESEngine(), 8), 64);
}

public DES_OFB8()
{
    super(new OFBBlockCipher(new DESEngine(), 8), 64);
}

public BrokePBEWithMD5AndDES()
{
    super(new CBCBlockCipher(new DESEngine()), PKCS5S1, MD5, 64, 64);
}

public BrokePBEWithSHA1AndDES()
{
    super(new CBCBlockCipher(new DESEngine()), PKCS5S1, SHA1, 64, 64);
}

public int doFinal(
        byte[]  out,
        int     outOff)
{
    int blockSize = cipher.getBlockSize();

    if (padding == null)
    {
        //
        // pad with zeroes
        //
        while (bufOff < blockSize)
        {
            buf[bufOff] = 0;
            bufOff++;
        }
    }
    else
    {
        if (bufOff == blockSize)
        {
            cipher.processBlock(buf, 0, mac, 0);
            bufOff = 0;
        }

        padding.addPadding(buf, bufOff);
    }

    cipher.processBlock(buf, 0, mac, 0);

    // Added to code from base class
    DESEngine deseng = new DESEngine();

    deseng.init(false, this.lastKey2);
    deseng.processBlock(mac, 0, mac, 0);

    deseng.init(true, this.lastKey3);
    deseng.processBlock(mac, 0, mac, 0);
    // ****

    System.arraycopy(mac, 0, out, outOff, macSize);

    reset();

    return macSize;
}

public ECB()
{
    super(new DESEngine());
}

public CBC()
{
    super(new CBCBlockCipher(new DESEngine()), 64);
}

public DESCFB8()
{
    super(new CFBBlockCipherMac(new DESEngine()));
}

public DES64()
{
    super(new CBCBlockCipherMac(new DESEngine(), 64));
}

public DES64with7816d4()
{
    super(new CBCBlockCipherMac(new DESEngine(), 64, new ISO7816d4Padding()));
}

public CBCMAC()
{
    super(new CBCBlockCipherMac(new DESEngine()));
}

public CMAC()
{
    super(new CMac(new DESEngine()));
}

public DES9797Alg3with7816d4()
{
    super(new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding()));
}

public DES9797Alg3()
{
    super(new ISO9797Alg3Mac(new DESEngine()));
}