org.bouncycastle.crypto.modes
Class GCMSIVBlockCipher

java.lang.Object
  |
  +--org.bouncycastle.crypto.modes.GCMSIVBlockCipher

All Implemented Interfaces:

AEADBlockCipher, AEADCipher

public class GCMSIVBlockCipher

extends java.lang.Object

implements AEADBlockCipher

GCM-SIV Mode.

It should be noted that the specified limit of 2 36 bytes is not supported. This is because all bytes are cached in a ByteArrayOutputStream object (which has a limit of a little less than 2 31 bytes), and are output on the doFinal() call (which can only process a maximum of 2 31 bytes).

The practical limit of 2 31 - 24 bytes is policed, and attempts to breach the limit will be rejected

In order to properly support the higher limit, an extended form of ByteArrayOutputStream would be needed which would use multiple arrays to store the data. In addition, a new doOutput method would be required (similar to that in XOF digests), which would allow the data to be output over multiple calls. Alternatively an extended form of ByteArrayInputStream could be used to deliver the data.

Constructor Summary

GCMSIVBlockCipher()
Constructor.

GCMSIVBlockCipher(BlockCipher pCipher)
Constructor.

GCMSIVBlockCipher(BlockCipher pCipher, GCMMultiplier pMultiplier)
Constructor.

Method Summary

int	doFinal(byte[] pOutput, int pOffset) Finish the operation either appending or verifying the MAC at the end of the data.
java.lang.String	getAlgorithmName() Return the name of the algorithm.
byte[]	getMac() Return the value of the MAC associated with the last stream processed.
int	getOutputSize(int pLen) return the size of the output buffer required for a processBytes plus a doFinal with an input of len bytes.
BlockCipher	getUnderlyingCipher() return the BlockCipher this object wraps.
int	getUpdateOutputSize(int pLen) return the size of the output buffer required for a processBytes an input of len bytes.
void	init(boolean pEncrypt, CipherParameters cipherParameters) initialise the underlying cipher.
void	processAADByte(byte pByte) Add a single byte to the associated data check.
void	processAADBytes(byte[] pData, int pOffset, int pLen) Add a sequence of bytes to the associated data check.
int	processByte(byte pByte, byte[] pOutput, int pOutOffset) encrypt/decrypt a single byte.
int	processBytes(byte[] pData, int pOffset, int pLen, byte[] pOutput, int pOutOffset) process a block of bytes from in putting the result into out.
void	reset() Reset the cipher.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

GCMSIVBlockCipher

public GCMSIVBlockCipher()

Constructor.

GCMSIVBlockCipher

public GCMSIVBlockCipher(BlockCipher pCipher)

Constructor.

Parameters:

pCipher - the underlying cipher

GCMSIVBlockCipher

public GCMSIVBlockCipher(BlockCipher pCipher,
                         GCMMultiplier pMultiplier)

Constructor.

Parameters:

pCipher - the underlying cipher

pMultiplier - the multiplier

Method Detail

getUnderlyingCipher

public BlockCipher getUnderlyingCipher()

Description copied from interface: AEADBlockCipher

return the BlockCipher this object wraps.

Specified by:

getUnderlyingCipher in interface AEADBlockCipher

Following copied from interface: org.bouncycastle.crypto.modes.AEADBlockCipher

Returns:

the BlockCipher this object wraps.

init

public void init(boolean pEncrypt,
                 CipherParameters cipherParameters)
          throws java.lang.IllegalArgumentException

Description copied from interface: AEADCipher

initialise the underlying cipher. Parameter can either be an AEADParameters or a ParametersWithIV object.

Specified by:

init in interface AEADCipher

Following copied from interface: org.bouncycastle.crypto.modes.AEADCipher

Parameters:

forEncryption - true if we are setting up for encryption, false otherwise.

params - the necessary parameters for the underlying cipher to be initialised.

Throws:

java.lang.IllegalArgumentException - if the params argument is inappropriate.

getAlgorithmName

public java.lang.String getAlgorithmName()

Description copied from interface: AEADCipher

Return the name of the algorithm.

Specified by:

getAlgorithmName in interface AEADCipher

Following copied from interface: org.bouncycastle.crypto.modes.AEADCipher

Returns:

the algorithm name.

processAADByte

public void processAADByte(byte pByte)

Description copied from interface: AEADCipher

Add a single byte to the associated data check. If the implementation supports it, this will be an online operation and will not retain the associated data.

Specified by:

processAADByte in interface AEADCipher

Following copied from interface: org.bouncycastle.crypto.modes.AEADCipher

Parameters:

in - the byte to be processed.

processAADBytes

public void processAADBytes(byte[] pData,
                            int pOffset,
                            int pLen)

Description copied from interface: AEADCipher

Add a sequence of bytes to the associated data check. If the implementation supports it, this will be an online operation and will not retain the associated data.

Specified by:

processAADBytes in interface AEADCipher

Following copied from interface: org.bouncycastle.crypto.modes.AEADCipher

Parameters:

in - the input byte array.

inOff - the offset into the in array where the data to be processed starts.

len - the number of bytes to be processed.

processByte

public int processByte(byte pByte,
                       byte[] pOutput,
                       int pOutOffset)
                throws DataLengthException

Description copied from interface: AEADCipher

encrypt/decrypt a single byte.

Specified by:

processByte in interface AEADCipher

Following copied from interface: org.bouncycastle.crypto.modes.AEADCipher

Parameters:

in - the byte to be processed.

out - the output buffer the processed byte goes into.

outOff - the offset into the output byte array the processed data starts at.

Returns:

the number of bytes written to out.

Throws:

DataLengthException - if the output buffer is too small.

processBytes

public int processBytes(byte[] pData,
                        int pOffset,
                        int pLen,
                        byte[] pOutput,
                        int pOutOffset)
                 throws DataLengthException

Description copied from interface: AEADCipher

process a block of bytes from in putting the result into out.

Specified by:

processBytes in interface AEADCipher

Following copied from interface: org.bouncycastle.crypto.modes.AEADCipher

Parameters:

in - the input byte array.

inOff - the offset into the in array where the data to be processed starts.

len - the number of bytes to be processed.

out - the output buffer the processed bytes go into.

outOff - the offset into the output byte array the processed data starts at.

Returns:

the number of bytes written to out.

Throws:

DataLengthException - if the output buffer is too small.

doFinal

public int doFinal(byte[] pOutput,
                   int pOffset)
            throws java.lang.IllegalStateException,
                   InvalidCipherTextException

Description copied from interface: AEADCipher

Finish the operation either appending or verifying the MAC at the end of the data.

Specified by:

doFinal in interface AEADCipher

Following copied from interface: org.bouncycastle.crypto.modes.AEADCipher

Parameters:

out - space for any resulting output data.

outOff - offset into out to start copying the data at.

Returns:

number of bytes written into out.

Throws:

java.lang.IllegalStateException - if the cipher is in an inappropriate state.

InvalidCipherTextException - if the MAC fails to match.

getMac

public byte[] getMac()

Description copied from interface: AEADCipher

Return the value of the MAC associated with the last stream processed.

Specified by:

getMac in interface AEADCipher

Following copied from interface: org.bouncycastle.crypto.modes.AEADCipher

Returns:

MAC for plaintext data.

getUpdateOutputSize

public int getUpdateOutputSize(int pLen)

Description copied from interface: AEADCipher

return the size of the output buffer required for a processBytes an input of len bytes.

The returned size may be dependent on the initialisation of this cipher and may not be accurate once subsequent input data is processed - this method should be invoked immediately prior to input data being processed.

Specified by:

getUpdateOutputSize in interface AEADCipher

Following copied from interface: org.bouncycastle.crypto.modes.AEADCipher

Parameters:

len - the length of the input.

Returns:

the space required to accommodate a call to processBytes with len bytes of input.

getOutputSize

public int getOutputSize(int pLen)

Description copied from interface: AEADCipher

return the size of the output buffer required for a processBytes plus a doFinal with an input of len bytes.

The returned size may be dependent on the initialisation of this cipher and may not be accurate once subsequent input data is processed - this method should be invoked immediately prior to a call to final processing of input data and a call to AEADCipher.doFinal(byte[], int).

Specified by:

getOutputSize in interface AEADCipher

Following copied from interface: org.bouncycastle.crypto.modes.AEADCipher

Parameters:

len - the length of the input.

Returns:

the space required to accommodate a call to processBytes and doFinal with len bytes of input.

reset

public void reset()

Description copied from interface: AEADCipher

Reset the cipher. After resetting the cipher is in the same state as it was after the last init (if there was one).

Specified by:

reset in interface AEADCipher