AES: Cleanups (ticket #1989)

core/java/src/net/i2p/crypto/CryptixAESEngine.java

@@ -208,17 +208,18 @@ public final class CryptixAESEngine extends AESEngine {
      */
     @Override
     public final void encryptBlock(byte payload[], int inIndex, SessionKey sessionKey, byte out[], int outIndex) {
-        if (sessionKey.getPreparedKey() == null) {
+        Object pkey = sessionKey.getPreparedKey();
+        if (pkey == null) {
             try {
-                Object key = CryptixRijndael_Algorithm.makeKey(sessionKey.getData(), 16);
-                sessionKey.setPreparedKey(key);
+                pkey = CryptixRijndael_Algorithm.makeKey(sessionKey.getData(), 16);
+                sessionKey.setPreparedKey(pkey);
             } catch (InvalidKeyException ike) {
                 _log.log(Log.CRIT, "Invalid key", ike);
                 throw new IllegalArgumentException("invalid key?  " + ike.getMessage());
             }
         }
         
-        CryptixRijndael_Algorithm.blockEncrypt(payload, out, inIndex, outIndex, sessionKey.getPreparedKey());
+        CryptixRijndael_Algorithm.blockEncrypt(payload, out, inIndex, outIndex, pkey);
     }
 
     /** decrypt exactly 16 bytes of data with the session key provided
@@ -235,17 +236,18 @@ public final class CryptixAESEngine extends AESEngine {
         //    throw new IllegalArgumentException("bad block args [payload.len=" + payload.length 
         //                                       + " inIndex=" + inIndex + " rv.len=" + rv.length 
         //                                       + " outIndex="+outIndex);
-        if (sessionKey.getPreparedKey() == null) {
+        Object pkey = sessionKey.getPreparedKey();
+        if (pkey == null) {
             try {
-                Object key = CryptixRijndael_Algorithm.makeKey(sessionKey.getData(), 16);
-                sessionKey.setPreparedKey(key);
+                pkey = CryptixRijndael_Algorithm.makeKey(sessionKey.getData(), 16);
+                sessionKey.setPreparedKey(pkey);
             } catch (InvalidKeyException ike) {
                 _log.log(Log.CRIT, "Invalid key", ike);
                 throw new IllegalArgumentException("invalid key?  " + ike.getMessage());
             }
         }
 
-        CryptixRijndael_Algorithm.blockDecrypt(payload, rv, inIndex, outIndex, sessionKey.getPreparedKey());
+        CryptixRijndael_Algorithm.blockDecrypt(payload, rv, inIndex, outIndex, pkey);
     }
     
 /******

core/java/src/net/i2p/crypto/CryptixRijndael_Algorithm.java

@@ -4,10 +4,10 @@
  */
 package net.i2p.crypto;
 
-import java.io.PrintWriter;
+//import java.io.PrintWriter;
 import java.security.InvalidKeyException;
 
-import net.i2p.util.Clock;
+//import net.i2p.util.Clock;
 
 //...........................................................................
 /**
@@ -552,21 +552,22 @@ public final class CryptixRijndael_Algorithm // implicit no-argument constructor
      * @param blockSize  The block size in bytes of this Rijndael.
      * @throws  InvalidKeyException  If the key is invalid.
      */
-    public static final/* synchronized */Object makeKey(byte[] k, int blockSize) throws InvalidKeyException {
+    public static final Object makeKey(byte[] k, int blockSize) throws InvalidKeyException {
         return makeKey(k, blockSize, null);
     }
-    public static final/* synchronized */Object makeKey(byte[] k, int blockSize, CryptixAESKeyCache.KeyCacheEntry keyData) throws InvalidKeyException {
+
+    public static final Object makeKey(byte[] k, int blockSize, CryptixAESKeyCache.KeyCacheEntry keyData) throws InvalidKeyException {
         //if (_RDEBUG) trace(_IN, "makeKey(" + k + ", " + blockSize + ")");
         if (k == null) throw new InvalidKeyException("Empty key");
         if (!(k.length == 16 || k.length == 24 || k.length == 32))
             throw new InvalidKeyException("Incorrect key length");
         int ROUNDS = getRounds(k.length, blockSize);
         int BC = blockSize / 4;
-        int[][] Ke = null; // new int[ROUNDS + 1][BC]; // encryption round keys
-        int[][] Kd = null; // new int[ROUNDS + 1][BC]; // decryption round keys
+        int[][] Ke; // new int[ROUNDS + 1][BC]; // encryption round keys
+        int[][] Kd; // new int[ROUNDS + 1][BC]; // decryption round keys
         int ROUND_KEY_COUNT = (ROUNDS + 1) * BC;
         int KC = k.length / 4;
-        int[] tk = null; // new int[KC];
+        int[] tk; // new int[KC];
         int i, j;
         
         if (keyData == null) {
@@ -628,15 +629,16 @@ public final class CryptixRijndael_Algorithm // implicit no-argument constructor
                 Kd[ROUNDS - (t / BC)][t % BC] = tk[j];
             }
         }
-        for (int r = 1; r < ROUNDS; r++)
+        for (int r = 1; r < ROUNDS; r++) {
             // inverse MixColumn where needed
             for (j = 0; j < BC; j++) {
                 tt = Kd[r][j];
                 Kd[r][j] = _U1[(tt >>> 24) & 0xFF] ^ _U2[(tt >>> 16) & 0xFF] ^ _U3[(tt >>> 8) & 0xFF] ^ _U4[tt & 0xFF];
             }
+        }
         // assemble the encryption (Ke) and decryption (Kd) round keys into
         // one sessionKey object
-        Object[] sessionKey = null;
+        Object[] sessionKey;
         if (keyData == null)
             sessionKey = new Object[] { Ke, Kd};
         else

core/java/src/net/i2p/data/SessionKey.java

@@ -37,15 +37,14 @@ public class SessionKey extends SimpleDataStructure {
     }
 
     /**
-     * caveat: this method isn't synchronized with the preparedKey, so don't
-     * try to *change* the key data after already doing some 
-     * encryption/decryption (or if you do change it, be sure this object isn't
-     * mid decrypt)
+     * Sets the data.
+     * @param data 32 bytes, or null
+     * @throws IllegalArgumentException if data is not the legal number of bytes (but null is ok)
+     * @throws RuntimeException if data already set.
      */
     @Override
     public void setData(byte[] data) {
         super.setData(data);
-        _preparedKey = null;
     }
     
     /**