Package org.bouncycastle.crypto.modes

Class KCCMBlockCipher

java.lang.Object
org.bouncycastle.crypto.modes.KCCMBlockCipher
All Implemented Interfaces:
AEADBlockCipher, AEADCipher
public class KCCMBlockCipher extends Object implements AEADBlockCipher
Implementation of DSTU7624 CCM mode

  • Constructor Summary

    Constructors
    Constructor
    Description
    KCCMBlockCipher(BlockCipher engine)
    Base constructor.
    KCCMBlockCipher(BlockCipher engine, int nB)
    Constructor allowing Nb configuration.

  • Method Summary

    Modifier and Type
    Method
    Description
    int
    doFinal(byte[] out, int outOff)
    Finish the operation either appending or verifying the MAC at the end of the data.
    String
    getAlgorithmName()
    Return the name of the algorithm.
    byte[]
    getMac()
    Return the value of the MAC associated with the last stream processed.
    int
    getOutputSize(int len)
    return the size of the output buffer required for a processBytes plus a doFinal with an input of len bytes.
    BlockCipher
    getUnderlyingCipher()
    return the BlockCipher this object wraps.
    int
    getUpdateOutputSize(int len)
    return the size of the output buffer required for a processBytes an input of len bytes.
    void
    init(boolean forEncryption, CipherParameters params)
    initialise the underlying cipher.
    void
    processAADByte(byte in)
    Add a single byte to the associated data check.
    void
    processAADBytes(byte[] in, int inOff, int len)
    Add a sequence of bytes to the associated data check.
    int
    processByte(byte in, byte[] out, int outOff)
    encrypt/decrypt a single byte.
    int
    processBytes(byte[] in, int inOff, int inLen, byte[] out, int outOff)
    process a block of bytes from in putting the result into out.
    int
    processPacket(byte[] in, int inOff, int len, byte[] out, int outOff)
     
    void
    reset()
    Reset the cipher.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

    • KCCMBlockCipher

      public KCCMBlockCipher(BlockCipher engine)
      Base constructor. Nb value is set to 4.
      Parameters:
      engine - base cipher to use under CCM.

    • KCCMBlockCipher

      public KCCMBlockCipher(BlockCipher engine, int nB)
      Constructor allowing Nb configuration.

      Nb is a parameter specified in CCM mode of DSTU7624 standard. This parameter specifies maximum possible length of input. It should be calculated as follows: Nb = 1/8 * (-3 + log[2]Nmax) + 1, where Nmax - length of input message in bits. For practical reasons Nmax usually less than 4Gb, e.g. for Nmax = 2^32 - 1, Nb = 4.

      Parameters:
      engine - base cipher to use under CCM.
      nB - Nb value to use.

  • Method Details

    • init

      public void init(boolean forEncryption, CipherParameters params) throws IllegalArgumentException
      Description copied from interface: AEADCipher
      initialise the underlying cipher. Parameter can either be an AEADParameters or a ParametersWithIV object.
      Specified by:
      init in interface AEADCipher
      Parameters:
      forEncryption - true if we are setting up for encryption, false otherwise.
      params - the necessary parameters for the underlying cipher to be initialised.
      Throws:
      IllegalArgumentException - if the params argument is inappropriate.

    • getAlgorithmName

      public String getAlgorithmName()
      Description copied from interface: AEADCipher
      Return the name of the algorithm.
      Specified by:
      getAlgorithmName in interface AEADCipher
      Returns:
      the algorithm name.

    • getUnderlyingCipher

      public BlockCipher getUnderlyingCipher()
      Description copied from interface: AEADBlockCipher
      return the BlockCipher this object wraps.
      Specified by:
      getUnderlyingCipher in interface AEADBlockCipher
      Returns:
      the BlockCipher this object wraps.

    • processAADByte

      public void processAADByte(byte in)
      Description copied from interface: AEADCipher
      Add a single byte to the associated data check.
      If the implementation supports it, this will be an online operation and will not retain the associated data.
      Specified by:
      processAADByte in interface AEADCipher
      Parameters:
      in - the byte to be processed.

    • processAADBytes

      public void processAADBytes(byte[] in, int inOff, int len)
      Description copied from interface: AEADCipher
      Add a sequence of bytes to the associated data check.
      If the implementation supports it, this will be an online operation and will not retain the associated data.
      Specified by:
      processAADBytes in interface AEADCipher
      Parameters:
      in - the input byte array.
      inOff - the offset into the in array where the data to be processed starts.
      len - the number of bytes to be processed.

    • processByte

      public int processByte(byte in, byte[] out, int outOff) throws DataLengthException, IllegalStateException
      Description copied from interface: AEADCipher
      encrypt/decrypt a single byte.
      Specified by:
      processByte in interface AEADCipher
      Parameters:
      in - the byte to be processed.
      out - the output buffer the processed byte goes into.
      outOff - the offset into the output byte array the processed data starts at.
      Returns:
      the number of bytes written to out.
      Throws:
      DataLengthException - if the output buffer is too small.
      IllegalStateException

    • processBytes

      public int processBytes(byte[] in, int inOff, int inLen, byte[] out, int outOff) throws DataLengthException, IllegalStateException
      Description copied from interface: AEADCipher
      process a block of bytes from in putting the result into out.
      Specified by:
      processBytes in interface AEADCipher
      Parameters:
      in - the input byte array.
      inOff - the offset into the in array where the data to be processed starts.
      inLen - the number of bytes to be processed.
      out - the output buffer the processed bytes go into.
      outOff - the offset into the output byte array the processed data starts at.
      Returns:
      the number of bytes written to out.
      Throws:
      DataLengthException - if the output buffer is too small.
      IllegalStateException

    • processPacket

      public int processPacket(byte[] in, int inOff, int len, byte[] out, int outOff) throws IllegalStateException, InvalidCipherTextException
      Throws:
      IllegalStateException
      InvalidCipherTextException

    • doFinal

      public int doFinal(byte[] out, int outOff) throws IllegalStateException, InvalidCipherTextException
      Description copied from interface: AEADCipher
      Finish the operation either appending or verifying the MAC at the end of the data.
      Specified by:
      doFinal in interface AEADCipher
      Parameters:
      out - space for any resulting output data.
      outOff - offset into out to start copying the data at.
      Returns:
      number of bytes written into out.
      Throws:
      IllegalStateException - if the cipher is in an inappropriate state.
      InvalidCipherTextException - if the MAC fails to match.

    • getMac

      public byte[] getMac()
      Description copied from interface: AEADCipher
      Return the value of the MAC associated with the last stream processed.
      Specified by:
      getMac in interface AEADCipher
      Returns:
      MAC for plaintext data.

    • getUpdateOutputSize

      public int getUpdateOutputSize(int len)
      Description copied from interface: AEADCipher
      return the size of the output buffer required for a processBytes an input of len bytes.

      The returned size may be dependent on the initialisation of this cipher and may not be accurate once subsequent input data is processed - this method should be invoked immediately prior to input data being processed.

      Specified by:
      getUpdateOutputSize in interface AEADCipher
      Parameters:
      len - the length of the input.
      Returns:
      the space required to accommodate a call to processBytes with len bytes of input.

    • getOutputSize

      public int getOutputSize(int len)
      Description copied from interface: AEADCipher
      return the size of the output buffer required for a processBytes plus a doFinal with an input of len bytes.

      The returned size may be dependent on the initialisation of this cipher and may not be accurate once subsequent input data is processed - this method should be invoked immediately prior to a call to final processing of input data and a call to AEADCipher.doFinal(byte[], int).

      Specified by:
      getOutputSize in interface AEADCipher
      Parameters:
      len - the length of the input.
      Returns:
      the space required to accommodate a call to processBytes and doFinal with len bytes of input.

    • reset

      public void reset()
      Description copied from interface: AEADCipher
      Reset the cipher. After resetting the cipher is in the same state as it was after the last init (if there was one).
      Specified by:
      reset in interface AEADCipher