iaik.security.cipher

Class CCMCMSParameterSpec

java.lang.Object

iaik.security.cipher.CCMCMSParameterSpec

All Implemented Interfaces:

java.security.spec.AlgorithmParameterSpec

public class CCMCMSParameterSpec
extends java.lang.Object
implements java.security.spec.AlgorithmParameterSpec

CCM (counter with CBC-MAC) parameter specification for use with CMS.

This class holds the necessary inputs (associated data, nonce, MAC length, input length and MAC block) for the encryption and decryption with the CCM mode used with CMS.

If no parameters are passed to the constructor the nonce is generated and the macLength is set to 12. If only macLength and/or inputLength shall be specified, set nonce and associatedData to null.

When having any associated data to be authenticated (but not encrypted) it has to be be supplied to the CCM Cipher by means of a CCMCMSParameterSpec and NOT by calling ccmCipher.updateAAD().

Version:

File Revision 1

See Also:

AlgorithmParameterSpec

Constructor Summary

Constructors

Constructor and Description
CCMCMSParameterSpec() Creates a CCM Parameter specification with default values.
CCMCMSParameterSpec(byte[] associatedData, byte[] nonce, byte[] macBlock) Creates a CCM Parameter specification with the given associated data, nonce and macBlock.
CCMCMSParameterSpec(byte[] associatedData, byte[] nonce, int macLength) Creates a CCM Parameter specification with the given associated data, nonce and MAC length.
CCMCMSParameterSpec(long inputLength, byte[] associatedData, byte[] nonce, byte[] macBlock) Creates a CCM Parameter specification with the given input length, associated data, nonce and MAC block.
CCMCMSParameterSpec(long inputLength, byte[] associatedData, byte[] nonce, int macLength) Creates a CCM Parameter specification with the given input length, associated data, nonce and MAC length.

Method Summary

Methods

Modifier and Type	Method and Description
byte[]	getAssociatedData() Returns the associated data used for authentication.
long	getInputLength() Returns the length of the input data that shall be encrypted and authenticated.
byte[]	getMac() Returns the authentication block used to authenticate the plaintext and additional data.
int	getMacLength() Returns the number of bytes used from the calculated CBC-MAC-block.
byte[]	getNonce() Returns the nonce used with the IV and the CBC-MAC-calculation.
void	setInputLength(long inputLength) Set byte length of input data, needed at the beginning of the MAC-calculation.
void	setMac(byte[] mac) Sets the mac value.
void	setMacLength(int macLength) Set number of bytes that should be used as MAC.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

CCMCMSParameterSpec

public CCMCMSParameterSpec(long inputLength,
                   byte[] associatedData,
                   byte[] nonce,
                   int macLength)
                    throws java.lang.Exception

Creates a CCM Parameter specification with the given input length, associated data, nonce and MAC length.

Parameters:

inputLength - length of the input data that is authenticated and encrypted

associatedData - the associated data that is authenticated

nonce - the unique nonce

macLength - number of bytes used as authentication block

Throws:

java.lang.Exception

CCMCMSParameterSpec

public CCMCMSParameterSpec(long inputLength,
                   byte[] associatedData,
                   byte[] nonce,
                   byte[] macBlock)
                    throws java.lang.Exception

Creates a CCM Parameter specification with the given input length, associated data, nonce and MAC block. MAC length will be set to 12 bytes.

Parameters:

inputLength - length of the input data that is authenticated and encrypted

associatedData - the associated data that is authenticated

nonce - the unique nonce

macBlock - the MAC block used to verify authenticity

Throws:

java.lang.Exception

CCMCMSParameterSpec

public CCMCMSParameterSpec(byte[] associatedData,
                   byte[] nonce,
                   int macLength)
                    throws java.lang.Exception

Creates a CCM Parameter specification with the given associated data, nonce and MAC length. Input data will have to be buffered.

Parameters:

associatedData - the associated data that is authenticated

nonce - the unique nonce

macLength - number of bytes used as authentication block

Throws:

java.lang.Exception

CCMCMSParameterSpec

public CCMCMSParameterSpec(byte[] associatedData,
                   byte[] nonce,
                   byte[] macBlock)
                    throws java.lang.Exception

Creates a CCM Parameter specification with the given associated data, nonce and macBlock. Input data will have to be buffered and MAC length will be set to 12 bytes.

Parameters:

associatedData - the associated data that is authenticated

nonce - the unique nonce

macBlock - the MAC block used to verify authenticity

Throws:

java.lang.Exception

CCMCMSParameterSpec

public CCMCMSParameterSpec()
                    throws java.lang.Exception

Creates a CCM Parameter specification with default values. The nonce will be generated and the MAC length will be set to 12 bytes. Input data will have to be buffered.

Throws:

java.lang.Exception

Method Detail

setInputLength

public void setInputLength(long inputLength)
                    throws java.security.InvalidAlgorithmParameterException

Set byte length of input data, needed at the beginning of the MAC-calculation.

Throws:

java.security.InvalidAlgorithmParameterException - if the specified input length is not valid

setMacLength

public void setMacLength(int macLength)
                  throws java.security.InvalidAlgorithmParameterException

Set number of bytes that should be used as MAC.

Throws:

java.security.InvalidAlgorithmParameterException - if the specified MAC length is not valid

setMac

public void setMac(byte[] mac)

Sets the mac value.

For CMS the mac value is not appended to the cipher data, rather it has to be set/got by/from parameters.

Parameters:

mac - the mac value (not cloned)

getAssociatedData

public byte[] getAssociatedData()

Returns the associated data used for authentication.

Returns:

associated data

getMacLength

public int getMacLength()

Returns the number of bytes used from the calculated CBC-MAC-block.

Returns:

number of bytes of the authentication block

getNonce

public byte[] getNonce()

Returns the nonce used with the IV and the CBC-MAC-calculation.

Returns:

nonce

getMac

public byte[] getMac()

Returns the authentication block used to authenticate the plaintext and additional data.

Returns:

macBlock

getInputLength

public long getInputLength()

Returns the length of the input data that shall be encrypted and authenticated.

Returns:

length of the input data