Package org.bouncycastle.crypto.modes

Class CCMBlockCipher

java.lang.Object

org.bouncycastle.crypto.modes.CCMBlockCipher

All Implemented Interfaces:

AEADBlockCipher, AEADCipher, CCMModeCipher

public class CCMBlockCipher
extends Object
implements CCMModeCipher

Implements the Counter with Cipher Block Chaining mode (CCM) detailed in NIST Special Publication 800-38C.

Note: this mode is a packet mode - it needs all the data up front.

Constructor Summary

Constructors

Constructor	Description
CCMBlockCipher(BlockCipher c)	Deprecated. use the CCMBlockCipher.newInstance() static method.

Method Summary

Modifier and Type	Method	Description
int	doFinal(byte[] out, int outOff)	Finish the operation either appending or verifying the MAC at the end of the data.
String	getAlgorithmName()	Return the name of the algorithm.
byte[]	getMac()	Returns a byte array containing the mac calculated as part of the last encrypt or decrypt operation.
int	getOutputSize(int len)	return the size of the output buffer required for a processBytes plus a doFinal with an input of len bytes.
BlockCipher	getUnderlyingCipher()	return the underlying block cipher that we are wrapping.
int	getUpdateOutputSize(int len)	return the size of the output buffer required for a processBytes an input of len bytes.
void	init(boolean forEncryption, CipherParameters params)	initialise the underlying cipher.
static CCMModeCipher	newInstance(BlockCipher cipher)	Return a new CCM mode cipher based on the passed in base cipher
void	processAADByte(byte in)	Add a single byte to the associated data check.
void	processAADBytes(byte[] in, int inOff, int len)	Add a sequence of bytes to the associated data check.
int	processByte(byte in, byte[] out, int outOff)	encrypt/decrypt a single byte.
int	processBytes(byte[] in, int inOff, int inLen, byte[] out, int outOff)	process a block of bytes from in putting the result into out.
byte[]	processPacket(byte[] in, int inOff, int inLen)	Process a packet of data for either CCM decryption or encryption.
int	processPacket(byte[] in, int inOff, int inLen, byte[] output, int outOff)	Process a packet of data for either CCM decryption or encryption.
void	reset()	Reset the cipher.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

CCMBlockCipher

public CCMBlockCipher(BlockCipher c)

Deprecated.

use the CCMBlockCipher.newInstance() static method.

Basic constructor.

Parameters:

c - the block cipher to be used.

Method Details

newInstance

public static CCMModeCipher newInstance(BlockCipher cipher)

Return a new CCM mode cipher based on the passed in base cipher

Parameters:

cipher - the base cipher for the CCM mode.

getUnderlyingCipher

public BlockCipher getUnderlyingCipher()

return the underlying block cipher that we are wrapping.

Specified by:

getUnderlyingCipher in interface AEADBlockCipher

Returns:

the underlying block cipher that we are wrapping.

init

public void init(boolean forEncryption,
 CipherParameters params)
          throws IllegalArgumentException

Description copied from interface: AEADCipher

initialise the underlying cipher. Parameter can either be an AEADParameters or a ParametersWithIV object.

Specified by:

init in interface AEADCipher

Parameters:

forEncryption - true if we are setting up for encryption, false otherwise.

params - the necessary parameters for the underlying cipher to be initialised.

Throws:

IllegalArgumentException - if the params argument is inappropriate.

getAlgorithmName

public String getAlgorithmName()

Description copied from interface: AEADCipher

Return the name of the algorithm.

Specified by:

getAlgorithmName in interface AEADCipher

Returns:

the algorithm name.

processAADByte

public void processAADByte(byte in)

Description copied from interface: AEADCipher

Add a single byte to the associated data check.
If the implementation supports it, this will be an online operation and will not retain the associated data.

Specified by:

processAADByte in interface AEADCipher

Parameters:

in - the byte to be processed.

processAADBytes

public void processAADBytes(byte[] in,
 int inOff,
 int len)

Description copied from interface: AEADCipher

Add a sequence of bytes to the associated data check.
If the implementation supports it, this will be an online operation and will not retain the associated data.

Specified by:

processAADBytes in interface AEADCipher

Parameters:

in - the input byte array.

inOff - the offset into the in array where the data to be processed starts.

len - the number of bytes to be processed.

processByte

public int processByte(byte in,
 byte[] out,
 int outOff)
                throws DataLengthException,
IllegalStateException

Description copied from interface: AEADCipher

encrypt/decrypt a single byte.

Specified by:

processByte in interface AEADCipher

Parameters:

in - the byte to be processed.

out - the output buffer the processed byte goes into.

outOff - the offset into the output byte array the processed data starts at.

Returns:

the number of bytes written to out.

Throws:

DataLengthException - if the output buffer is too small.

IllegalStateException

processBytes

public int processBytes(byte[] in,
 int inOff,
 int inLen,
 byte[] out,
 int outOff)
                 throws DataLengthException,
IllegalStateException

Description copied from interface: AEADCipher

process a block of bytes from in putting the result into out.

Specified by:

processBytes in interface AEADCipher

Parameters:

in - the input byte array.

inOff - the offset into the in array where the data to be processed starts.

inLen - the number of bytes to be processed.

out - the output buffer the processed bytes go into.

outOff - the offset into the output byte array the processed data starts at.

Returns:

the number of bytes written to out.

Throws:

DataLengthException - if the output buffer is too small.

IllegalStateException

doFinal

public int doFinal(byte[] out,
 int outOff)
            throws IllegalStateException,
InvalidCipherTextException

Description copied from interface: AEADCipher

Finish the operation either appending or verifying the MAC at the end of the data.

Specified by:

doFinal in interface AEADCipher

Parameters:

out - space for any resulting output data.

outOff - offset into out to start copying the data at.

Returns:

number of bytes written into out.

Throws:

IllegalStateException - if the cipher is in an inappropriate state.

InvalidCipherTextException - if the MAC fails to match.

reset

public void reset()

Description copied from interface: AEADCipher

Reset the cipher. After resetting the cipher is in the same state as it was after the last init (if there was one).

Specified by:

reset in interface AEADCipher

getMac

public byte[] getMac()

Returns a byte array containing the mac calculated as part of the last encrypt or decrypt operation.

Specified by:

getMac in interface AEADCipher

Returns:

the last mac calculated.

getUpdateOutputSize

public int getUpdateOutputSize(int len)

Description copied from interface: AEADCipher

return the size of the output buffer required for a processBytes an input of len bytes.

The returned size may be dependent on the initialisation of this cipher and may not be accurate once subsequent input data is processed - this method should be invoked immediately prior to input data being processed.

Specified by:

getUpdateOutputSize in interface AEADCipher

Parameters:

len - the length of the input.

Returns:

the space required to accommodate a call to processBytes with len bytes of input.

getOutputSize

public int getOutputSize(int len)

Description copied from interface: AEADCipher

return the size of the output buffer required for a processBytes plus a doFinal with an input of len bytes.

The returned size may be dependent on the initialisation of this cipher and may not be accurate once subsequent input data is processed - this method should be invoked immediately prior to a call to final processing of input data and a call to AEADCipher.doFinal(byte[], int).

Specified by:

getOutputSize in interface AEADCipher

Parameters:

len - the length of the input.

Returns:

the space required to accommodate a call to processBytes and doFinal with len bytes of input.

processPacket

public byte[] processPacket(byte[] in,
 int inOff,
 int inLen)
                     throws IllegalStateException,
InvalidCipherTextException

Process a packet of data for either CCM decryption or encryption.

Parameters:

in - data for processing.

inOff - offset at which data starts in the input array.

inLen - length of the data in the input array.

Returns:

a byte array containing the processed input..

Throws:

IllegalStateException - if the cipher is not appropriately set up.

InvalidCipherTextException - if the input data is truncated or the mac check fails.

processPacket

public int processPacket(byte[] in,
 int inOff,
 int inLen,
 byte[] output,
 int outOff)
                  throws IllegalStateException,
InvalidCipherTextException,
DataLengthException

Process a packet of data for either CCM decryption or encryption.

Parameters:

in - data for processing.

inOff - offset at which data starts in the input array.

inLen - length of the data in the input array.

output - output array.

outOff - offset into output array to start putting processed bytes.

Returns:

the number of bytes added to output.

Throws:

IllegalStateException - if the cipher is not appropriately set up.

InvalidCipherTextException - if the input data is truncated or the mac check fails.

DataLengthException - if output buffer too short.