From 3411a7c884e281ef0fa359f08cab2e33d121ac30 Mon Sep 17 00:00:00 2001
From: zzz <zzz@mail.i2p>
Date: Sat, 17 Oct 2015 12:55:39 +0000
Subject: [PATCH] Crypto: Consolidate duplicate unlimited strength crypto check
 code

---
 .../src/net/i2p/crypto/CryptixAESEngine.java  | 23 +--------
 core/java/src/net/i2p/crypto/CryptoCheck.java | 47 +++++++++++++++++++
 .../net/i2p/router/tasks/CryptoChecker.java   | 25 +---------
 3 files changed, 50 insertions(+), 45 deletions(-)
 create mode 100644 core/java/src/net/i2p/crypto/CryptoCheck.java

diff --git a/core/java/src/net/i2p/crypto/CryptixAESEngine.java b/core/java/src/net/i2p/crypto/CryptixAESEngine.java
index f7429c6d5d..60eb630489 100644
--- a/core/java/src/net/i2p/crypto/CryptixAESEngine.java
+++ b/core/java/src/net/i2p/crypto/CryptixAESEngine.java
@@ -44,28 +44,7 @@ public class CryptixAESEngine extends AESEngine {
     
     /** see test results below */
     private static final int MIN_SYSTEM_AES_LENGTH = 704;
-    private static final boolean USE_SYSTEM_AES;
-    static {
-        boolean systemOK = false;
-        if (hasAESNI()) {
-            try {
-                systemOK = Cipher.getMaxAllowedKeyLength("AES") >= 256;
-            } catch (GeneralSecurityException gse) {
-                // a NoSuchAlgorithmException
-            } catch (NoSuchMethodError nsme) {
-                // JamVM, gij
-                try {
-                    Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
-                    SecretKeySpec key = new SecretKeySpec(new byte[32], "AES");
-                    cipher.init(Cipher.ENCRYPT_MODE, key);
-                    systemOK = true;
-                } catch (GeneralSecurityException gse) {
-                }
-            }
-        }
-        USE_SYSTEM_AES = systemOK;
-        //System.out.println("Using system AES? " + systemOK);
-    }
+    private static final boolean USE_SYSTEM_AES = hasAESNI() && CryptoCheck.isUnlimited();
 
     /**
      *  Do we have AES-NI support in the processor and JVM?
diff --git a/core/java/src/net/i2p/crypto/CryptoCheck.java b/core/java/src/net/i2p/crypto/CryptoCheck.java
new file mode 100644
index 0000000000..31eac62dce
--- /dev/null
+++ b/core/java/src/net/i2p/crypto/CryptoCheck.java
@@ -0,0 +1,47 @@
+package net.i2p.crypto;
+
+import java.security.GeneralSecurityException;
+import javax.crypto.Cipher;
+import javax.crypto.spec.SecretKeySpec;
+
+/** 
+ * Moved from CryptixAESEngine and net.i2p.router.tasks.CryptoChecker
+ *
+ * @since 0.9.23
+ */
+public class CryptoCheck {
+
+    private static final boolean _isUnlimited;
+
+    static {
+        boolean unlimited = false;
+        try {
+            unlimited = Cipher.getMaxAllowedKeyLength("AES") >= 256;
+        } catch (GeneralSecurityException gse) {
+            // a NoSuchAlgorithmException
+        } catch (NoSuchMethodError nsme) {
+            // JamVM, gij
+            try {
+                Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
+                SecretKeySpec key = new SecretKeySpec(new byte[32], "AES");
+                cipher.init(Cipher.ENCRYPT_MODE, key);
+                unlimited = true;
+            } catch (GeneralSecurityException gse) {
+            }
+        }
+        _isUnlimited = unlimited;
+    }
+
+    private CryptoCheck() {}
+
+    /**
+     *  Do we have unlimited crypto?
+     */
+    public static boolean isUnlimited() {
+        return _isUnlimited;
+    }
+
+    public static void main(String args[]) {
+        System.out.println("Unlimited? " + isUnlimited());
+    }
+}
diff --git a/router/java/src/net/i2p/router/tasks/CryptoChecker.java b/router/java/src/net/i2p/router/tasks/CryptoChecker.java
index e022931ff1..49bd84da52 100644
--- a/router/java/src/net/i2p/router/tasks/CryptoChecker.java
+++ b/router/java/src/net/i2p/router/tasks/CryptoChecker.java
@@ -5,6 +5,7 @@ import java.security.NoSuchAlgorithmException;
 import javax.crypto.Cipher;
 import javax.crypto.spec.SecretKeySpec;
 
+import net.i2p.crypto.CryptoCheck;
 import net.i2p.crypto.SigType;
 import net.i2p.router.RouterContext;
 import net.i2p.util.Log;
@@ -57,7 +58,7 @@ public class CryptoChecker {
                     log.logAlways(Log.WARN, s);
                 System.out.println(s);
             }
-            if (!isUnlimited()) {
+            if (!CryptoCheck.isUnlimited()) {
                 s = "Please consider installing the Java Cryptography Unlimited Strength Jurisdiction Policy Files from ";
                 //if (SystemVersion.isJava8())
                 //    s  += JRE8;
@@ -79,28 +80,6 @@ public class CryptoChecker {
         }
     }
 
-    /**
-     *  Copied from CryptixAESEngine
-     */
-    private static boolean isUnlimited() {
-        try {
-            if (Cipher.getMaxAllowedKeyLength("AES") < 256)
-                return false;
-        } catch (NoSuchAlgorithmException e) {
-            return false;
-        } catch (NoSuchMethodError e) {
-            // JamVM, gij
-            try {
-                Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
-                SecretKeySpec key = new SecretKeySpec(new byte[32], "AES");
-                cipher.init(Cipher.ENCRYPT_MODE, key);
-            } catch (GeneralSecurityException gse) {
-                return false;
-            }
-        }
-        return true;
-    }
-
     public static void main(String[] args) {
         warnUnavailableCrypto(null);
     }
-- 
GitLab