iaik.security.cipher

Class CBCCMacParameterSpec

java.lang.Object

javax.crypto.spec.IvParameterSpec

iaik.security.cipher.CBCCMacParameterSpec

All Implemented Interfaces:

java.security.spec.AlgorithmParameterSpec

public class CBCCMacParameterSpec
extends javax.crypto.spec.IvParameterSpec

Parameter specification for the AES-CBC-CMAC authenticated encryption algorithm as defined by the BSI Technical Guideline TR-03109-1.

This class holds the necessary inputs (additional data, iv, MAC length or MAC block) for the encryption and decryption.

If no parameters are passed to the constructor a 16-byte all-zero IV is generated and the macLength is set to 16:

   CBC-CMAC-Param ::= SEQUENCE {
     aes-iV OCTET STRING 
     aes-MacLen INTEGER (12 | 13 | 14 | 15 | 16) DEFAULT 16 } 
 

Version:

File Revision 2

See Also:

AlgorithmParameterSpec

Constructor Summary

Constructors

Constructor and Description
CBCCMacParameterSpec() Creates a CBCCMac Parameter specification with default values.
CBCCMacParameterSpec(byte[] iv) Creates a CBCCMac Parameter specification with the given iv.
CBCCMacParameterSpec(byte[] iv, byte[] macBlock) Creates a CBCCMac Parameter specification with the given additional data, iv and MAC block.
CBCCMacParameterSpec(byte[] iv, int macLen) Creates a CBCCMac Parameter specification with the given iv and MAC length.

Method Summary

Methods

Modifier and Type	Method and Description
protected java.lang.String	engineToString() Returns a string describing the AES-CBC-CMAC Parameters.
byte[]	getAAD() Returns the additional authenticated data.
byte[]	getMac() Returns the mac block.
int	getMacLength() Returns the number of bytes used for the MAC block.
void	setAAD(byte[] aad) Sets the additional authenticated data.
void	setMac(byte[] mac) Sets the mac value.
void	setMacLength(int macLength) Set number of bytes that should be used as MAC.

Methods inherited from class javax.crypto.spec.IvParameterSpec

getIV

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

CBCCMacParameterSpec

public CBCCMacParameterSpec(byte[] iv,
                    int macLen)
                     throws java.security.InvalidAlgorithmParameterException

Creates a CBCCMac Parameter specification with the given iv and MAC length. This constructor shall be used to specify algorithm parameters for encryption. The MAC block is null. (No MAC block must be specified for encryption.)

Parameters:

iv - the IV (will be not cloned)

macLen - number of bytes used as MAC

Throws:

java.security.InvalidAlgorithmParameterException

CBCCMacParameterSpec

public CBCCMacParameterSpec(byte[] iv,
                    byte[] macBlock)
                     throws java.security.InvalidAlgorithmParameterException

Creates a CBCCMac Parameter specification with the given additional data, iv and MAC block. This constructor shall be used to specify the algorithm parameters for decryption. IV and MAC block must be set for decryption.

Parameters:

iv - the IV (will be not cloned)

macBlock - the MAC block used to verify authenticity

Throws:

java.security.InvalidAlgorithmParameterException

CBCCMacParameterSpec

public CBCCMacParameterSpec(byte[] iv)
                     throws java.security.InvalidAlgorithmParameterException

Creates a CBCCMac Parameter specification with the given iv. MAC length will be set to 16 bytes.

Parameters:

iv - the IV (will be not cloned)

Throws:

java.security.InvalidAlgorithmParameterException

CBCCMacParameterSpec

public CBCCMacParameterSpec()
                     throws java.security.InvalidAlgorithmParameterException

Creates a CBCCMac Parameter specification with default values. The iv will be generated (all zeros) and the MAC length will be set to 16 bytes.

Throws:

java.security.InvalidAlgorithmParameterException

Method Detail

setMacLength

public void setMacLength(int macLength)
                  throws java.security.InvalidAlgorithmParameterException

Set number of bytes that should be used as MAC.

Throws:

java.security.InvalidAlgorithmParameterException - if the specified MAC length is not valid

setMac

public void setMac(byte[] mac)

Sets the mac value.

For CMS the mac value is not appended to the cipher data, rather it has to be set/got by/from parameters.

Parameters:

mac - the mac value (not cloned)

setAAD

public void setAAD(byte[] aad)

Sets the additional authenticated data.

Parameters:

aad - the additional authenticated data (will not be cloned)

getAAD

public byte[] getAAD()

Returns the additional authenticated data.

Returns:

the additional authenticated data or null if no additional authenticated data has been set

getMacLength

public int getMacLength()

Returns the number of bytes used for the MAC block.

Returns:

number of bytes of the MAC block

getMac

public byte[] getMac()

Returns the mac block.

Returns:

macBlock or null if the mac block has not been set

engineToString

protected java.lang.String engineToString()

Returns a string describing the AES-CBC-CMAC Parameters.

Returns:

a formatted string describing the AES-CBC-CMAC Parameters.