org.bouncycastle.crypto.engines
Class AsconAEAD128

java.lang.Object
  org.bouncycastle.crypto.engines.AsconBaseEngine
      org.bouncycastle.crypto.engines.AsconAEAD128

All Implemented Interfaces:

AEADCipher

public class AsconAEAD128

extends org.bouncycastle.crypto.engines.AsconBaseEngine

Ascon-AEAD128 was introduced as part of the NIST Lightweight Cryptography competition and described in the NIST Special Publication SP 800-232 (Initial Public Draft). For additional details, see: NIST SP 800-232 (Initial Public Draft) Reference, highly optimized, masked C and ASM implementations of Ascon (NIST SP 800-232)

Version:

1.3

Nested Class Summary

protected static class

AsconBaseEngine.State

Field Summary

protected java.lang.String	algorithmName
protected int	ASCON_AEAD_RATE
protected long	ASCON_IV
protected int	CRYPTO_ABYTES
protected int	CRYPTO_KEYBYTES
protected static AsconBaseEngine.State	DecAad
protected static int	DECAAD
protected static AsconBaseEngine.State	DecData
protected static int	DECDATA
protected static AsconBaseEngine.State	DecFinal
protected static int	DECFINAL
protected static AsconBaseEngine.State	DecInit
protected static int	DECINIT
protected long	dsep
protected static AsconBaseEngine.State	EncAad
protected static int	ENCAAD
protected static AsconBaseEngine.State	EncData
protected static int	ENCDATA
protected static AsconBaseEngine.State	EncFinal
protected static int	ENCFINAL
protected static AsconBaseEngine.State	EncInit
protected static int	ENCINIT
protected byte[]	initialAssociatedText
protected long	K0
protected long	K1
protected byte[]	m_buf
protected int	m_bufferSizeDecrypt
protected int	m_bufPos
protected AsconBaseEngine.State	m_state
protected byte[]	mac
protected long	N0
protected long	N1
protected int	nr
protected static AsconBaseEngine.State	Uninitialized
protected static int	UNINITIALIZED
protected long	x0
protected long	x1
protected long	x2
protected long	x3
protected long	x4

Constructor Summary

AsconAEAD128()

Method Summary

protected void	ascon_aeadinit()
protected void	checkAAD()
protected boolean	checkData()
int	doFinal(byte[] outBytes, int outOff) Finish the operation either appending or verifying the MAC at the end of the data.
java.lang.String	getAlgorithmName() Return the name of the algorithm.
java.lang.String	getAlgorithmVersion()
int	getIVBytesSize()
int	getKeyBytesSize()
byte[]	getMac() Return the value of the MAC associated with the last stream processed.
int	getOutputSize(int len) return the size of the output buffer required for a processBytes plus a doFinal with an input of len bytes.
int	getUpdateOutputSize(int len) return the size of the output buffer required for a processBytes an input of len bytes.
void	init(boolean forEncryption, CipherParameters params) initialise the underlying cipher.
protected long	loadBytes(byte[] in, int inOff)
protected void	p(int nr)
protected long	pad(int i)
void	processAADByte(byte in) Add a single byte to the associated data check.
void	processAADBytes(byte[] inBytes, int inOff, int len) Add a sequence of bytes to the associated data check.
protected void	processBufferAAD(byte[] buffer, int inOff)
protected void	processBufferDecrypt(byte[] buffer, int bufOff, byte[] output, int outOff)
protected void	processBufferEncrypt(byte[] buffer, int bufOff, byte[] output, int outOff)
int	processByte(byte in, byte[] out, int outOff) encrypt/decrypt a single byte.
int	processBytes(byte[] inBytes, int inOff, int len, byte[] outBytes, int outOff) process a block of bytes from in putting the result into out.
protected void	processFinalAadBlock()
protected void	processFinalDecrypt(byte[] input, int inLen, byte[] output, int outOff)
protected void	processFinalEncrypt(byte[] input, int inLen, byte[] output, int outOff)
void	reset() Reset the cipher.
protected void	reset(boolean clearMac)
protected void	setBytes(long n, byte[] bs, int off)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

UNINITIALIZED

protected static final int UNINITIALIZED

See Also:

Constant Field Values

ENCINIT

protected static final int ENCINIT

See Also:

Constant Field Values

ENCAAD

protected static final int ENCAAD

See Also:

Constant Field Values

ENCDATA

protected static final int ENCDATA

See Also:

Constant Field Values

ENCFINAL

protected static final int ENCFINAL

See Also:

Constant Field Values

DECINIT

protected static final int DECINIT

See Also:

Constant Field Values

DECAAD

protected static final int DECAAD

See Also:

Constant Field Values

DECDATA

protected static final int DECDATA

See Also:

Constant Field Values

DECFINAL

protected static final int DECFINAL

See Also:

Constant Field Values

Uninitialized

protected static final AsconBaseEngine.State Uninitialized

EncInit

protected static final AsconBaseEngine.State EncInit

EncAad

protected static final AsconBaseEngine.State EncAad

EncData

protected static final AsconBaseEngine.State EncData

EncFinal

protected static final AsconBaseEngine.State EncFinal

DecInit

protected static final AsconBaseEngine.State DecInit

DecAad

protected static final AsconBaseEngine.State DecAad

DecData

protected static final AsconBaseEngine.State DecData

DecFinal

protected static final AsconBaseEngine.State DecFinal

m_state

protected AsconBaseEngine.State m_state

algorithmName

protected java.lang.String algorithmName

mac

protected byte[] mac

initialAssociatedText

protected byte[] initialAssociatedText

CRYPTO_KEYBYTES

protected int CRYPTO_KEYBYTES

CRYPTO_ABYTES

protected int CRYPTO_ABYTES

nr

protected int nr

ASCON_AEAD_RATE

protected int ASCON_AEAD_RATE

K0

protected long K0

K1

protected long K1

N0

protected long N0

N1

protected long N1

ASCON_IV

protected long ASCON_IV

x0

protected long x0

x1

protected long x1

x2

protected long x2

x3

protected long x3

x4

protected long x4

m_bufferSizeDecrypt

protected int m_bufferSizeDecrypt

m_buf

protected byte[] m_buf

m_bufPos

protected int m_bufPos

dsep

protected long dsep

Constructor Detail

AsconAEAD128

public AsconAEAD128()

Method Detail

pad

protected long pad(int i)

loadBytes

protected long loadBytes(byte[] in,
                         int inOff)

setBytes

protected void setBytes(long n,
                        byte[] bs,
                        int off)

ascon_aeadinit

protected void ascon_aeadinit()

processFinalAadBlock

protected void processFinalAadBlock()

processFinalDecrypt

protected void processFinalDecrypt(byte[] input,
                                   int inLen,
                                   byte[] output,
                                   int outOff)

processFinalEncrypt

protected void processFinalEncrypt(byte[] input,
                                   int inLen,
                                   byte[] output,
                                   int outOff)

init

public void init(boolean forEncryption,
                 CipherParameters params)
          throws java.lang.IllegalArgumentException

Description copied from interface: AEADCipher

initialise the underlying cipher. Parameter can either be an AEADParameters or a ParametersWithIV object.

Parameters:

forEncryption - true if we are setting up for encryption, false otherwise.

params - the necessary parameters for the underlying cipher to be initialised.

Throws:

java.lang.IllegalArgumentException - if the params argument is inappropriate.

getAlgorithmVersion

public java.lang.String getAlgorithmVersion()

p

protected void p(int nr)

checkAAD

protected void checkAAD()

checkData

protected boolean checkData()

processBufferAAD

protected void processBufferAAD(byte[] buffer,
                                int inOff)

processBufferDecrypt

protected void processBufferDecrypt(byte[] buffer,
                                    int bufOff,
                                    byte[] output,
                                    int outOff)

processBufferEncrypt

protected void processBufferEncrypt(byte[] buffer,
                                    int bufOff,
                                    byte[] output,
                                    int outOff)

processAADByte

public void processAADByte(byte in)

Description copied from interface: AEADCipher

Add a single byte to the associated data check. If the implementation supports it, this will be an online operation and will not retain the associated data.

Specified by:

processAADByte in interface AEADCipher

Parameters:

in - the byte to be processed.

processAADBytes

public void processAADBytes(byte[] inBytes,
                            int inOff,
                            int len)

Description copied from interface: AEADCipher

Add a sequence of bytes to the associated data check. If the implementation supports it, this will be an online operation and will not retain the associated data.

Specified by:

processAADBytes in interface AEADCipher

Parameters:

inBytes - the input byte array.

inOff - the offset into the in array where the data to be processed starts.

len - the number of bytes to be processed.

processByte

public int processByte(byte in,
                       byte[] out,
                       int outOff)
                throws DataLengthException

Description copied from interface: AEADCipher

encrypt/decrypt a single byte.

Specified by:

processByte in interface AEADCipher

Parameters:

in - the byte to be processed.

out - the output buffer the processed byte goes into.

outOff - the offset into the output byte array the processed data starts at.

Returns:

the number of bytes written to out.

Throws:

DataLengthException - if the output buffer is too small.

processBytes

public int processBytes(byte[] inBytes,
                        int inOff,
                        int len,
                        byte[] outBytes,
                        int outOff)
                 throws DataLengthException

Description copied from interface: AEADCipher

process a block of bytes from in putting the result into out.

Specified by:

processBytes in interface AEADCipher

Parameters:

inBytes - the input byte array.

inOff - the offset into the in array where the data to be processed starts.

len - the number of bytes to be processed.

outBytes - the output buffer the processed bytes go into.

outOff - the offset into the output byte array the processed data starts at.

Returns:

the number of bytes written to out.

Throws:

DataLengthException - if the output buffer is too small.

doFinal

public int doFinal(byte[] outBytes,
                   int outOff)
            throws java.lang.IllegalStateException,
                   InvalidCipherTextException,
                   DataLengthException

Description copied from interface: AEADCipher

Finish the operation either appending or verifying the MAC at the end of the data.

Specified by:

doFinal in interface AEADCipher

Parameters:

outBytes - space for any resulting output data.

outOff - offset into out to start copying the data at.

Returns:

number of bytes written into out.

Throws:

InvalidCipherTextException - if the MAC fails to match.

java.lang.IllegalStateException - if the cipher is in an inappropriate state.

DataLengthException

getMac

public byte[] getMac()

Description copied from interface: AEADCipher

Return the value of the MAC associated with the last stream processed.

Specified by:

getMac in interface AEADCipher

Returns:

MAC for plaintext data.

getUpdateOutputSize

public int getUpdateOutputSize(int len)

Description copied from interface: AEADCipher

return the size of the output buffer required for a processBytes an input of len bytes.

The returned size may be dependent on the initialisation of this cipher and may not be accurate once subsequent input data is processed - this method should be invoked immediately prior to input data being processed.

Specified by:

getUpdateOutputSize in interface AEADCipher

Parameters:

len - the length of the input.

Returns:

the space required to accommodate a call to processBytes with len bytes of input.

getOutputSize

public int getOutputSize(int len)

Description copied from interface: AEADCipher

return the size of the output buffer required for a processBytes plus a doFinal with an input of len bytes.

The returned size may be dependent on the initialisation of this cipher and may not be accurate once subsequent input data is processed - this method should be invoked immediately prior to a call to final processing of input data and a call to AEADCipher.doFinal(byte[], int).

Specified by:

getOutputSize in interface AEADCipher

Parameters:

len - the length of the input.

Returns:

the space required to accommodate a call to processBytes and doFinal with len bytes of input.

reset

public void reset()

Description copied from interface: AEADCipher

Reset the cipher. After resetting the cipher is in the same state as it was after the last init (if there was one).

Specified by:

reset in interface AEADCipher

reset

protected void reset(boolean clearMac)

getKeyBytesSize

public int getKeyBytesSize()

getIVBytesSize

public int getIVBytesSize()

getAlgorithmName

public java.lang.String getAlgorithmName()

Description copied from interface: AEADCipher

Return the name of the algorithm.

Specified by:

getAlgorithmName in interface AEADCipher

Returns:

the algorithm name.