iaik.security.cipher

Class OCBCMSParameterSpec

java.lang.Object

javax.crypto.spec.IvParameterSpec

iaik.security.cipher.OCBParameterSpec

iaik.security.cipher.OCBCMSParameterSpec

All Implemented Interfaces:

java.security.spec.AlgorithmParameterSpec

public class OCBCMSParameterSpec
extends OCBParameterSpec

OCB parameter specification.

This class extends class OCBParameterSpec to advice the OCB implementation to not append the tag to the cipher text (when encrypting) or provide the tag for decryption (in the case it is not appended to the cipher text).

OCB is not specified for CMS, however, in alignment to GCMParameterSpec this parameter specification class is named OCBCMSParameterSpec since CMS does not append the tag to the cipher text.

When initializing the OCB Cipher with an OCBCMSParameterSpec (instead of an OCBParameterSpec) the tag is not appended to the cipher text, but saved to the OCBCMSParameterSpec, which can be read out by calling the Cipher method getParameters():

 OCBCMSParameterSpec paramSpec = new OCBCMSParameterSpec(aad, nonce, tagLength);
 Cipher c = Cipher.getInstance("AES/OCB/NoPadding");
 c.init(Cipher.ENCRYPT_MODE, key, ocbCMSParmaterSpec);
 byte[] encr = c.doFinal(data);
 AlgorithmParameters params = c.getParameters();
 OCPCMSParameterSpec paramSpec = (OCBParameterSpec)params.getParameterSpec(OCBCMSParameterSpec.class);
 byte[] tag = paramSpec.getTag();
 

For decryption the tag has to be be specified by the parameters (because not appended to the cipher text) in order to be able to check the authenticity of the data:

 Cipher c = Cipher.getInstance("AES/OCB/NoPadding", "IAIK");
 c.init(Cipher.DECRYPT_MODE, key, params);
 byte[] ciphertext = c.doFinal(data);
 

Version:

File Revision 2

See Also:

OCBParameterSpec, OCBParameters

Constructor Summary

Constructors

Constructor and Description
OCBCMSParameterSpec() Creates a OCB Parameter specification with default values.
OCBCMSParameterSpec(byte[] aaData, byte[] nonce) Creates a OCB Parameter specification with the given additional data and nonce.
OCBCMSParameterSpec(byte[] aaData, byte[] nonce, byte[] tagBlock) Creates a OCB Parameter specification with the given additional data, nonce and TAG block.
OCBCMSParameterSpec(byte[] aaData, byte[] nonce, int tagLen) Creates an OCB Parameter specification with the given additional data, nonce and TAG length.

Method Summary

Modifier and Type	Method and Description
void	setTag(byte[] tag) Sets the tag value.

Methods inherited from class iaik.security.cipher.OCBParameterSpec

getAAD, getNonce, getTagLength, setTagLength, toString

Methods inherited from class javax.crypto.spec.IvParameterSpec

getIV

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

OCBCMSParameterSpec

public OCBCMSParameterSpec(byte[] aaData,
                           byte[] nonce,
                           int tagLen)
                    throws java.security.InvalidAlgorithmParameterException

Creates an OCB Parameter specification with the given additional data, nonce and TAG length. This constructor shall be used to specify algorithm parameters for encryption. The TAG block is null. (No TAG block must be specified for encryption.)

Parameters:

aaData - the additional data that is authenticated

nonce - the nonce/iv

tagLen - number of bytes used as TAG

Throws:

java.security.InvalidAlgorithmParameterException - if the specified tag (between 1 and 16 bytes) or nonce length (between 1 and 15 bytes) are not valid

OCBCMSParameterSpec

public OCBCMSParameterSpec(byte[] aaData,
                           byte[] nonce,
                           byte[] tagBlock)
                    throws java.security.InvalidAlgorithmParameterException

Creates a OCB Parameter specification with the given additional data, nonce and TAG block. This constructor shall be used to specify the algorithm parameters for decryption. Nonce and TAG block must be set for decryption. If the TAG block is not available at the time when creating the Parameter spec it maybe set later.

Parameters:

aaData - the additional data that is authenticated

nonce - the nonce/iv

tagBlock - the TAG block used to verify authenticity

Throws:

java.security.InvalidAlgorithmParameterException - if the specified tag (between 1 and 16 bytes) or nonce length (between 1 and 15 bytes) are not valid

OCBCMSParameterSpec

public OCBCMSParameterSpec(byte[] aaData,
                           byte[] nonce)
                    throws java.security.InvalidAlgorithmParameterException

Creates a OCB Parameter specification with the given additional data and nonce. TAG length will be set to 16 bytes.

Parameters:

aaData - the additional data that is authenticated

nonce - the nonce/iv

Throws:

java.security.InvalidAlgorithmParameterException - if the length of the specified nonce is not valid (not between 1 and 15 bytes)

OCBCMSParameterSpec

public OCBCMSParameterSpec()
                    throws java.security.InvalidAlgorithmParameterException

Creates a OCB Parameter specification with default values. The nonce will be generated and the TAG length will be set to 12 bytes.

Throws:

java.security.InvalidAlgorithmParameterException

Method Detail

setTag

public void setTag(byte[] tag)

Sets the tag value.

When using OCBCMSParameterSpec the tag value is not appended to the cipher data, rather it has to be set/got by/from parameters.

Parameters:

tag - the tag value (not cloned)