iaik.security.cipher

Class ChaCha20Poly1305CMSParameterSpec

java.lang.Object

javax.crypto.spec.IvParameterSpec

iaik.security.cipher.ChaCha20ParameterSpec

iaik.security.cipher.ChaCha20Poly1305ParameterSpec

iaik.security.cipher.ChaCha20Poly1305CMSParameterSpec

All Implemented Interfaces:

java.security.spec.AlgorithmParameterSpec

public class ChaCha20Poly1305CMSParameterSpec
extends ChaCha20Poly1305ParameterSpec

ChaCha20Poly1305 parameter specification for use with CMS (Cryptographic message syntax) according to RFC 8103.

The parameters are a 96 bit nonce value (also known as initialization vector) and additional associated data, and (for decryption) the mac value.

Note that associated data may be supplied to the ChaCha20Poly1305 Cipher only either by means of a ChaCha20Poly1305(CMS)ParameterSpec or by calling chacha20Poly1305Cipher.updateAAD(). Supplying associated data by both ChaCha20Poly1305ParameterSpec and calling chacha20Poly1305Cipher.updateAAD() is not allowed.
If associated data is specified by a ChaCha20Poly1305(CMS)ParameterSpec the associated data is also included in the parameters got from a ChaCha20Poly1305 Cipher when calling chacha20Poly1305Cipher.getParameters(). However, associated data that has been supplied by calling chacha20Poly1305Cipher.updateAAD() is not included in the parameters got from a ChaCha20Poly1305 Cipher when calling chacha20Poly1305Cipher.getParameters().

By default the mac tag is appended to the cipher text. However, when initializing a ChaCha20Poly1305 Cipher with a ChaCha20Poly1305CMSParameterSpec for use with CMS (Cryptographic Message Syntax; see RFC 8103) the mac tag is NOT appended to the cipher text and has to be got/set from/for the Cipher by means of a ChaCha20Poly1305CMSParameterSpec object, e.g.: // generate key KeyGenerator keyGenerator = KeyGenerator.getInstance("ChaCha20Poly1305", "IAIK"); SecretKey secretKey = keyGenerator.generateKey(); // the data to be encrypted byte[] plaintext = ...; // any additional associated data byte[] aad = ...; // create Cipher object Cipher cipher = Cipher.getInstance("ChaCha20Poly1305/NONE/NoPadding", "IAIK"); // create the nonce value byte[] nonce = new byte[12]; SecureRandom random = ...; random.nextBytes(nonce); // create ChaCha20Poly1305 CMS parameter spec ChaCha20Poly1305CMSParameterSpec paramSpec = new ChaCha20Poly1305CMSParameterSpec(aad, nonce); cipher.init(Cipher.ENCRYPT_MODE, secretKey, paramSpec); // encrypt data byte[] ciphertext = cipher.doFinal(plaintext); // get algorithm parameters from Cipher object AlgorithmParameters params = encryptionEngine.getParameters(); // get ChaCha20Poly1305CMSParameterSpec (including the mac from parameters) ChaCha20Poly1305CMSParameterSpec spec = (ChaCha20Poly1305CMSParameterSpec)params.getParameterSpec(ChaCha20Poly1305CMSParameterSpec.class); byte[] mac = spec.getMac(); // decryption Cipher cipher = Cipher.getInstance("ChaCha20Poly1305/NONE/NoPadding", "IAIK"); // init Cipher with ChaCha20Poly1305CMSParameterSpec containing the mac value cipher.init(Cipher.ENCRYPT_MODE, secretKey, paramSpec);

Version:

File Revision 6

See Also:

ChaCha20Poly1305Parameters, ChaCha20Poly1305ParameterSpec, Cipher

Constructor Summary

Constructors

Constructor and Description
ChaCha20Poly1305CMSParameterSpec(byte[] nonce) Creates a ChaCha20Poly1305CMSParameterSpec from the given nonce value.
ChaCha20Poly1305CMSParameterSpec(byte[] aaData, byte[] nonce) Creates a ChaCha20Poly1305CMSParameterSpec from additional associated data (aad) and the nonce.

Method Summary

Methods

Modifier and Type	Method and Description
byte[]	getMac() Gets the mac value.
void	setMac(byte[] mac) Sets the mac value.

Methods inherited from class iaik.security.cipher.ChaCha20Poly1305ParameterSpec

getAAD, getNonce

Methods inherited from class iaik.security.cipher.ChaCha20ParameterSpec

getBlockCounter

Methods inherited from class javax.crypto.spec.IvParameterSpec

getIV

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

ChaCha20Poly1305CMSParameterSpec

public ChaCha20Poly1305CMSParameterSpec(byte[] nonce)

Creates a ChaCha20Poly1305CMSParameterSpec from the given nonce value.

Parameters:

nonce - the nonce

Throws:

java.lang.IllegalArgumentException - if nonce is not 96 bit long

ChaCha20Poly1305CMSParameterSpec

public ChaCha20Poly1305CMSParameterSpec(byte[] aaData,
                                byte[] nonce)

Creates a ChaCha20Poly1305CMSParameterSpec from additional associated data (aad) and the nonce.

Note that associated data may be supplied to the ChaCha20Poly1305 Cipher only either by means of a ChaCha20Poly1305CMSParameterSpec or by calling chacha20Poly1305Cipher.updateAAD(). Supplying associated data by both ChaCha20Poly1305ParameterSpec and calling chacha20Poly1305Cipher.updateAAD() is not allowed.
If associated data is specified by a ChaCha20Poly1305CMSParameterSpec the associated data is also included in the parameters got from a ChaCha20Poly1305 Cipher when calling chacha20Poly1305Cipher.getParameters(). However, associated data that has been supplied by calling chacha20Poly1305Cipher.updateAAD() is not included in the parameters got from a ChaCha20Poly1305 Cipher when calling chacha20Poly1305Cipher.getParameters().

Parameters:

aaData - the additional associated data

nonce - the nonce

Throws:

java.lang.IllegalArgumentException - if nonce is not 96 bit long

Method Detail

setMac

public void setMac(byte[] mac)

Sets the mac value.

For CMS the mac value is not appended to the cipher data, rather it has to be set/got by/from parameters.

Parameters:

mac - the mac value

getMac

public byte[] getMac()

Gets the mac value. For CMS the mac value is not appended to the cipher data, rather it has to be set/got by/from parameters.

Returns:

the mac value