Class CCMBlockCipher

  • All Implemented Interfaces:
    AEADBlockCipher, AEADCipher, CCMModeCipher

    public class CCMBlockCipher
    extends java.lang.Object
    implements CCMModeCipher
    Implements the Counter with Cipher Block Chaining mode (CCM) detailed in NIST Special Publication 800-38C.

    Note: this mode is a packet mode - it needs all the data up front.

    • Constructor Summary

      Constructors 
      Constructor Description
      CCMBlockCipher​(BlockCipher c)
      Deprecated.
      use the CCMBlockCipher.newInstance() static method.
    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      int doFinal​(byte[] out, int outOff)
      Finish the operation either appending or verifying the MAC at the end of the data.
      java.lang.String getAlgorithmName()
      Return the name of the algorithm.
      byte[] getMac()
      Returns a byte array containing the mac calculated as part of the last encrypt or decrypt operation.
      int getOutputSize​(int len)
      return the size of the output buffer required for a processBytes plus a doFinal with an input of len bytes.
      BlockCipher getUnderlyingCipher()
      return the underlying block cipher that we are wrapping.
      int getUpdateOutputSize​(int len)
      return the size of the output buffer required for a processBytes an input of len bytes.
      void init​(boolean forEncryption, CipherParameters params)
      initialise the underlying cipher.
      static CCMModeCipher newInstance​(BlockCipher cipher)
      Return a new CCM mode cipher based on the passed in base cipher
      void processAADByte​(byte in)
      Add a single byte to the associated data check.
      void processAADBytes​(byte[] in, int inOff, int len)
      Add a sequence of bytes to the associated data check.
      int processByte​(byte in, byte[] out, int outOff)
      encrypt/decrypt a single byte.
      int processBytes​(byte[] in, int inOff, int inLen, byte[] out, int outOff)
      process a block of bytes from in putting the result into out.
      byte[] processPacket​(byte[] in, int inOff, int inLen)
      Process a packet of data for either CCM decryption or encryption.
      int processPacket​(byte[] in, int inOff, int inLen, byte[] output, int outOff)
      Process a packet of data for either CCM decryption or encryption.
      void reset()
      Reset the cipher.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • CCMBlockCipher

        public CCMBlockCipher​(BlockCipher c)
        Deprecated.
        use the CCMBlockCipher.newInstance() static method.
        Basic constructor.
        Parameters:
        c - the block cipher to be used.
    • Method Detail

      • newInstance

        public static CCMModeCipher newInstance​(BlockCipher cipher)
        Return a new CCM mode cipher based on the passed in base cipher
        Parameters:
        cipher - the base cipher for the CCM mode.
      • getUnderlyingCipher

        public BlockCipher getUnderlyingCipher()
        return the underlying block cipher that we are wrapping.
        Specified by:
        getUnderlyingCipher in interface AEADBlockCipher
        Returns:
        the underlying block cipher that we are wrapping.
      • init

        public void init​(boolean forEncryption,
                         CipherParameters params)
                  throws java.lang.IllegalArgumentException
        Description copied from interface: AEADCipher
        initialise the underlying cipher. Parameter can either be an AEADParameters or a ParametersWithIV object.
        Specified by:
        init in interface AEADCipher
        Parameters:
        forEncryption - true if we are setting up for encryption, false otherwise.
        params - the necessary parameters for the underlying cipher to be initialised.
        Throws:
        java.lang.IllegalArgumentException - if the params argument is inappropriate.
      • getAlgorithmName

        public java.lang.String getAlgorithmName()
        Description copied from interface: AEADCipher
        Return the name of the algorithm.
        Specified by:
        getAlgorithmName in interface AEADCipher
        Returns:
        the algorithm name.
      • processAADByte

        public void processAADByte​(byte in)
        Description copied from interface: AEADCipher
        Add a single byte to the associated data check. If the implementation supports it, this will be an online operation and will not retain the associated data.
        Specified by:
        processAADByte in interface AEADCipher
        Parameters:
        in - the byte to be processed.
      • processAADBytes

        public void processAADBytes​(byte[] in,
                                    int inOff,
                                    int len)
        Description copied from interface: AEADCipher
        Add a sequence of bytes to the associated data check. If the implementation supports it, this will be an online operation and will not retain the associated data.
        Specified by:
        processAADBytes in interface AEADCipher
        Parameters:
        in - the input byte array.
        inOff - the offset into the in array where the data to be processed starts.
        len - the number of bytes to be processed.
      • processByte

        public int processByte​(byte in,
                               byte[] out,
                               int outOff)
                        throws DataLengthException,
                               java.lang.IllegalStateException
        Description copied from interface: AEADCipher
        encrypt/decrypt a single byte.
        Specified by:
        processByte in interface AEADCipher
        Parameters:
        in - the byte to be processed.
        out - the output buffer the processed byte goes into.
        outOff - the offset into the output byte array the processed data starts at.
        Returns:
        the number of bytes written to out.
        Throws:
        DataLengthException - if the output buffer is too small.
        java.lang.IllegalStateException
      • processBytes

        public int processBytes​(byte[] in,
                                int inOff,
                                int inLen,
                                byte[] out,
                                int outOff)
                         throws DataLengthException,
                                java.lang.IllegalStateException
        Description copied from interface: AEADCipher
        process a block of bytes from in putting the result into out.
        Specified by:
        processBytes in interface AEADCipher
        Parameters:
        in - the input byte array.
        inOff - the offset into the in array where the data to be processed starts.
        inLen - the number of bytes to be processed.
        out - the output buffer the processed bytes go into.
        outOff - the offset into the output byte array the processed data starts at.
        Returns:
        the number of bytes written to out.
        Throws:
        DataLengthException - if the output buffer is too small.
        java.lang.IllegalStateException
      • doFinal

        public int doFinal​(byte[] out,
                           int outOff)
                    throws java.lang.IllegalStateException,
                           InvalidCipherTextException
        Description copied from interface: AEADCipher
        Finish the operation either appending or verifying the MAC at the end of the data.
        Specified by:
        doFinal in interface AEADCipher
        Parameters:
        out - space for any resulting output data.
        outOff - offset into out to start copying the data at.
        Returns:
        number of bytes written into out.
        Throws:
        java.lang.IllegalStateException - if the cipher is in an inappropriate state.
        InvalidCipherTextException - if the MAC fails to match.
      • reset

        public void reset()
        Description copied from interface: AEADCipher
        Reset the cipher. After resetting the cipher is in the same state as it was after the last init (if there was one).
        Specified by:
        reset in interface AEADCipher
      • getMac

        public byte[] getMac()
        Returns a byte array containing the mac calculated as part of the last encrypt or decrypt operation.
        Specified by:
        getMac in interface AEADCipher
        Returns:
        the last mac calculated.
      • getUpdateOutputSize

        public int getUpdateOutputSize​(int len)
        Description copied from interface: AEADCipher
        return the size of the output buffer required for a processBytes an input of len bytes.

        The returned size may be dependent on the initialisation of this cipher and may not be accurate once subsequent input data is processed - this method should be invoked immediately prior to input data being processed.

        Specified by:
        getUpdateOutputSize in interface AEADCipher
        Parameters:
        len - the length of the input.
        Returns:
        the space required to accommodate a call to processBytes with len bytes of input.
      • getOutputSize

        public int getOutputSize​(int len)
        Description copied from interface: AEADCipher
        return the size of the output buffer required for a processBytes plus a doFinal with an input of len bytes.

        The returned size may be dependent on the initialisation of this cipher and may not be accurate once subsequent input data is processed - this method should be invoked immediately prior to a call to final processing of input data and a call to AEADCipher.doFinal(byte[], int).

        Specified by:
        getOutputSize in interface AEADCipher
        Parameters:
        len - the length of the input.
        Returns:
        the space required to accommodate a call to processBytes and doFinal with len bytes of input.
      • processPacket

        public byte[] processPacket​(byte[] in,
                                    int inOff,
                                    int inLen)
                             throws java.lang.IllegalStateException,
                                    InvalidCipherTextException
        Process a packet of data for either CCM decryption or encryption.
        Parameters:
        in - data for processing.
        inOff - offset at which data starts in the input array.
        inLen - length of the data in the input array.
        Returns:
        a byte array containing the processed input..
        Throws:
        java.lang.IllegalStateException - if the cipher is not appropriately set up.
        InvalidCipherTextException - if the input data is truncated or the mac check fails.
      • processPacket

        public int processPacket​(byte[] in,
                                 int inOff,
                                 int inLen,
                                 byte[] output,
                                 int outOff)
                          throws java.lang.IllegalStateException,
                                 InvalidCipherTextException,
                                 DataLengthException
        Process a packet of data for either CCM decryption or encryption.
        Parameters:
        in - data for processing.
        inOff - offset at which data starts in the input array.
        inLen - length of the data in the input array.
        output - output array.
        outOff - offset into output array to start putting processed bytes.
        Returns:
        the number of bytes added to output.
        Throws:
        java.lang.IllegalStateException - if the cipher is not appropriately set up.
        InvalidCipherTextException - if the input data is truncated or the mac check fails.
        DataLengthException - if output buffer too short.