Package org.bouncycastle.crypto.modes

Class GCMSIVBlockCipher

  • All Implemented Interfaces:
    AEADBlockCipher, AEADCipher
    public class GCMSIVBlockCipher
extends java.lang.Object
implements AEADBlockCipher
    GCM-SIV Mode.

    It should be noted that the specified limit of 2 36 bytes is not supported. This is because all bytes are cached in a ByteArrayOutputStream object (which has a limit of a little less than 2 31 bytes), and are output on the doFinal() call (which can only process a maximum of 2 31 bytes).

    The practical limit of 2 31 - 24 bytes is policed, and attempts to breach the limit will be rejected

    In order to properly support the higher limit, an extended form of ByteArrayOutputStream would be needed which would use multiple arrays to store the data. In addition, a new doOutput method would be required (similar to that in XOF digests), which would allow the data to be output over multiple calls. Alternatively an extended form of ByteArrayInputStream could be used to deliver the data.

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      int doFinal​(byte[] pOutput, int pOffset)
      Finish the operation either appending or verifying the MAC at the end of the data.
      java.lang.String getAlgorithmName()
      Return the name of the algorithm.
      byte[] getMac()
      Return the value of the MAC associated with the last stream processed.
      int getOutputSize​(int pLen)
      return the size of the output buffer required for a processBytes plus a doFinal with an input of len bytes.
      BlockCipher getUnderlyingCipher()
      return the BlockCipher this object wraps.
      int getUpdateOutputSize​(int pLen)
      return the size of the output buffer required for a processBytes an input of len bytes.
      void init​(boolean pEncrypt, CipherParameters cipherParameters)
      initialise the underlying cipher.
      void processAADByte​(byte pByte)
      Add a single byte to the associated data check.
      void processAADBytes​(byte[] pData, int pOffset, int pLen)
      Add a sequence of bytes to the associated data check.
      int processByte​(byte pByte, byte[] pOutput, int pOutOffset)
      encrypt/decrypt a single byte.
      int processBytes​(byte[] pData, int pOffset, int pLen, byte[] pOutput, int pOutOffset)
      process a block of bytes from in putting the result into out.
      void reset()
      Reset the cipher.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • GCMSIVBlockCipher

        public GCMSIVBlockCipher()
        Constructor.

      • GCMSIVBlockCipher

        public GCMSIVBlockCipher​(BlockCipher pCipher)
        Constructor.
        Parameters:
        pCipher - the underlying cipher

      • GCMSIVBlockCipher

        public GCMSIVBlockCipher​(BlockCipher pCipher,
                         GCMMultiplier pMultiplier)
        Constructor.
        Parameters:
        pCipher - the underlying cipher
        pMultiplier - the multiplier

    • Method Detail

      • init

        public void init​(boolean pEncrypt,
                 CipherParameters cipherParameters)
          throws java.lang.IllegalArgumentException
        Description copied from interface: AEADCipher
        initialise the underlying cipher. Parameter can either be an AEADParameters or a ParametersWithIV object.
        Specified by:
        init in interface AEADCipher
        Parameters:
        pEncrypt - true if we are setting up for encryption, false otherwise.
        cipherParameters - the necessary parameters for the underlying cipher to be initialised.
        Throws:
        java.lang.IllegalArgumentException - if the params argument is inappropriate.

      • getAlgorithmName

        public java.lang.String getAlgorithmName()
        Description copied from interface: AEADCipher
        Return the name of the algorithm.
        Specified by:
        getAlgorithmName in interface AEADCipher
        Returns:
        the algorithm name.

      • processAADByte

        public void processAADByte​(byte pByte)
        Description copied from interface: AEADCipher
        Add a single byte to the associated data check. If the implementation supports it, this will be an online operation and will not retain the associated data.
        Specified by:
        processAADByte in interface AEADCipher
        Parameters:
        pByte - the byte to be processed.

      • processAADBytes

        public void processAADBytes​(byte[] pData,
                            int pOffset,
                            int pLen)
        Description copied from interface: AEADCipher
        Add a sequence of bytes to the associated data check. If the implementation supports it, this will be an online operation and will not retain the associated data.
        Specified by:
        processAADBytes in interface AEADCipher
        Parameters:
        pData - the input byte array.
        pOffset - the offset into the in array where the data to be processed starts.
        pLen - the number of bytes to be processed.

      • processByte

        public int processByte​(byte pByte,
                       byte[] pOutput,
                       int pOutOffset)
                throws DataLengthException
        Description copied from interface: AEADCipher
        encrypt/decrypt a single byte.
        Specified by:
        processByte in interface AEADCipher
        Parameters:
        pByte - the byte to be processed.
        pOutput - the output buffer the processed byte goes into.
        pOutOffset - the offset into the output byte array the processed data starts at.
        Returns:
        the number of bytes written to out.
        Throws:
        DataLengthException - if the output buffer is too small.

      • processBytes

        public int processBytes​(byte[] pData,
                        int pOffset,
                        int pLen,
                        byte[] pOutput,
                        int pOutOffset)
                 throws DataLengthException
        Description copied from interface: AEADCipher
        process a block of bytes from in putting the result into out.
        Specified by:
        processBytes in interface AEADCipher
        Parameters:
        pData - the input byte array.
        pOffset - the offset into the in array where the data to be processed starts.
        pLen - the number of bytes to be processed.
        pOutput - the output buffer the processed bytes go into.
        pOutOffset - the offset into the output byte array the processed data starts at.
        Returns:
        the number of bytes written to out.
        Throws:
        DataLengthException - if the output buffer is too small.

      • doFinal

        public int doFinal​(byte[] pOutput,
                   int pOffset)
            throws java.lang.IllegalStateException,
                   InvalidCipherTextException
        Description copied from interface: AEADCipher
        Finish the operation either appending or verifying the MAC at the end of the data.
        Specified by:
        doFinal in interface AEADCipher
        Parameters:
        pOutput - space for any resulting output data.
        pOffset - offset into out to start copying the data at.
        Returns:
        number of bytes written into out.
        Throws:
        java.lang.IllegalStateException - if the cipher is in an inappropriate state.
        InvalidCipherTextException - if the MAC fails to match.

      • getMac

        public byte[] getMac()
        Description copied from interface: AEADCipher
        Return the value of the MAC associated with the last stream processed.
        Specified by:
        getMac in interface AEADCipher
        Returns:
        MAC for plaintext data.

      • getUpdateOutputSize

        public int getUpdateOutputSize​(int pLen)
        Description copied from interface: AEADCipher
        return the size of the output buffer required for a processBytes an input of len bytes.

        The returned size may be dependent on the initialisation of this cipher and may not be accurate once subsequent input data is processed - this method should be invoked immediately prior to input data being processed.

        Specified by:
        getUpdateOutputSize in interface AEADCipher
        Parameters:
        pLen - the length of the input.
        Returns:
        the space required to accommodate a call to processBytes with len bytes of input.

      • getOutputSize

        public int getOutputSize​(int pLen)
        Description copied from interface: AEADCipher
        return the size of the output buffer required for a processBytes plus a doFinal with an input of len bytes.

        The returned size may be dependent on the initialisation of this cipher and may not be accurate once subsequent input data is processed - this method should be invoked immediately prior to a call to final processing of input data and a call to AEADCipher.doFinal(byte[], int).

        Specified by:
        getOutputSize in interface AEADCipher
        Parameters:
        pLen - the length of the input.
        Returns:
        the space required to accommodate a call to processBytes and doFinal with len bytes of input.

      • reset

        public void reset()
        Description copied from interface: AEADCipher
        Reset the cipher. After resetting the cipher is in the same state as it was after the last init (if there was one).
        Specified by:
        reset in interface AEADCipher