|
6.0 (c) 2002 IAIK, (c) 2003 - 2022 SIC |
|
public class CCMParameters
extends java.security.AlgorithmParametersSpi
CCMParameters ::= SEQUENCE {
aes-nonce OCTET STRING (SIZE(7..13)),
aes-ICVlen AES-CCM-ICVlen DEFAULT 12 }
AES-CCM-ICVlen ::= INTEGER (4 | 6 | 8 | 10 | 12 | 14 | 16)
Additionally, this class holds the CCM parameter associated data. The
inputLength can only be specified in a CCMParameterSpec object.
CCMParameters can be generated by calling one of the AlgorithmParameters.getInstance
methods. Subsequently the new AlgorithmParameters object must be initialized with
a proper parameter specification (class CCMParameterSpec is recommended) or a DER encoded byte array, e.g.
CCMParameterSpec ccmParamSpec = ...;
AlgorithmParameters params = AlgorithmParameters.getInstance("CCM", "IAIK");
params.init(ccmParamsSpec);
The CCMParameters can also be initialized with an IvParameterSpec object. In this case, the specified IV
will be used as nonce.
| Constructor and Description |
|---|
CCMParameters()
The default constructor.
|
CCMParameters(byte[] associatedData,
byte[] nonce,
int macLength)
Creates CCM Parameters with the given associated data, nonce and MAC length.
|
| Modifier and Type | Method and Description |
|---|---|
static void |
checkKeyAndNonceReuse(boolean check)
Dis/Enables check for key/nonce reuse.
|
protected byte[] |
engineGetEncoded()
Returns the parameters as DER byte array.
|
protected byte[] |
engineGetEncoded(java.lang.String format)
Returns the parameters as a DER byte array.
|
protected java.security.spec.AlgorithmParameterSpec |
engineGetParameterSpec(java.lang.Class paramSpec)
Returns a CCM Parameter Specification of this CCM Parameters object.
|
protected void |
engineInit(java.security.spec.AlgorithmParameterSpec paramSpec)
Initializes this parameters object using the parameters specified in paramSpec.
|
protected void |
engineInit(byte[] params)
Initializes this CCMParameters object from the given DER encoded byte array.
|
protected void |
engineInit(byte[] params,
java.lang.String format)
Inits the parameters from an DER encoded byte array.
|
protected java.lang.String |
engineToString()
Returns a formatted string describing the CCM Parameters.
|
static void |
setIncludeDefaultMacLengthInEncding(boolean include)
Decides whether the aes-ICVlen (macLength) component should be
included when encoding CCM parameters if it has the default value (12).
|
public CCMParameters()
throws java.security.InvalidAlgorithmParameterException
AlgorithmParameters.getInstance for obtaining CCMParameters.java.security.InvalidAlgorithmParameterException - if the parameter values are incorrectpublic CCMParameters(byte[] associatedData,
byte[] nonce,
int macLength)
throws java.security.InvalidAlgorithmParameterException
nonce - the unique noncemacLength - number of bytes used for Authenticationjava.security.InvalidAlgorithmParameterException - if the parameter values are incorrectpublic static void setIncludeDefaultMacLengthInEncding(boolean include)
include - whether to include a default macLength value (12)
when encoding CCM parameters or not (by default the
default value is not included)public static void checkKeyAndNonceReuse(boolean check)
CCM shall not be used with same key and nonce multiple times. We cannot check any
key/nonce pair that may have been used in the past, but we can check if a Cipher
has been reinitialized before used for encryption a second time.
This means we only check if Cipher.init() has been called before
any further Cipher.update() or Cipher.doFinal() after
an encryption operation has been finished; we do not check if an Cipher.init()
call has actually provided a new key/nonce combination.
check - true to enable key/nonce reuse check (default), false
to disable itprotected byte[] engineGetEncoded()
throws java.io.IOException
engineGetEncoded in class java.security.AlgorithmParametersSpijava.io.IOException - if an encoding error occursprotected byte[] engineGetEncoded(java.lang.String format)
throws java.io.IOException
Format is ignored. Only DER encoding is supported at this time. This method
only calls engineGetEncoded(), regardless of what
is specified in the format string.
engineGetEncoded in class java.security.AlgorithmParametersSpiformat - the encoding format; ignoredjava.io.IOException - if an encoding error occursprotected java.security.spec.AlgorithmParameterSpec engineGetParameterSpec(java.lang.Class paramSpec)
throws java.security.spec.InvalidParameterSpecException
CCMParameterSpec than a InvalidParameterSpecException is thrown.engineGetParameterSpec in class java.security.AlgorithmParametersSpiparamSpec - the specification class in which the parameters should be returned
- has to be the class CCMParameterSpecjava.security.spec.InvalidParameterSpecException - if the requested parameter specification is inappropriate
for this parameter object.protected void engineInit(java.security.spec.AlgorithmParameterSpec paramSpec)
throws java.security.spec.InvalidParameterSpecException
engineInit in class java.security.AlgorithmParametersSpiparamSpec - the parameter specification - must be CCMParameterSpec.java.security.spec.InvalidParameterSpecException - if the given parameter specification is
inappropriate for the initialization of this parameter object.protected void engineInit(byte[] params)
throws java.io.IOException
engineInit in class java.security.AlgorithmParametersSpiparams - the DER encoded byte arrayjava.io.IOException - if an error occurs when decoding the given byte array or
the derived parameter values are invalidprotected void engineInit(byte[] params,
java.lang.String format)
throws java.io.IOException
engineInit(params) for initializing this CCMParameters
object from the given DER encoded byte array, regardless of what is specified
in the format string.
engineInit in class java.security.AlgorithmParametersSpiparams - the DER encoded byte arrayformat - the encoding format; ignoredjava.io.IOException - if an error occurs when decoding the given byte arrayprotected java.lang.String engineToString()
engineToString in class java.security.AlgorithmParametersSpi