Package org.bouncycastle.crypto.modes
Class OCBBlockCipher
- java.lang.Object
-
- org.bouncycastle.crypto.modes.OCBBlockCipher
-
- All Implemented Interfaces:
AEADBlockCipher
,AEADCipher
public class OCBBlockCipher extends java.lang.Object implements AEADBlockCipher
An implementation of RFC 7253 on The OCB Authenticated-Encryption Algorithm, licensed per:License for Open-Source Software Implementations of OCB (Jan 9, 2013) — “License 1”
Under this license, you are authorized to make, use, and distribute open-source software implementations of OCB. This license terminates for you if you sue someone over their open-source software implementation of OCB claiming that you have a patent covering their implementation.This is a non-binding summary of a legal document (the link above). The parameters of the license are specified in the license document and that document is controlling.
-
-
Constructor Summary
Constructors Constructor Description OCBBlockCipher(BlockCipher hashCipher, BlockCipher mainCipher)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description protected void
clear(byte[] bs)
int
doFinal(byte[] output, int outOff)
Finish the operation either appending or verifying the MAC at the end of the data.java.lang.String
getAlgorithmName()
Return the name of the algorithm.protected byte[]
getLSub(int n)
byte[]
getMac()
Return the value of the MAC associated with the last stream processed.int
getOutputSize(int len)
return the size of the output buffer required for a processBytes plus a doFinal with an input of len bytes.BlockCipher
getUnderlyingCipher()
return theBlockCipher
this object wraps.int
getUpdateOutputSize(int len)
return the size of the output buffer required for a processBytes an input of len bytes.void
init(boolean forEncryption, CipherParameters parameters)
initialise the underlying cipher.protected static byte[]
OCB_double(byte[] block)
protected static void
OCB_extend(byte[] block, int pos)
protected static int
OCB_ntz(long x)
void
processAADByte(byte input)
Add a single byte to the associated data check.void
processAADBytes(byte[] input, int off, int len)
Add a sequence of bytes to the associated data check.int
processByte(byte input, byte[] output, int outOff)
encrypt/decrypt a single byte.int
processBytes(byte[] input, int inOff, int len, byte[] output, int outOff)
process a block of bytes from in putting the result into out.protected void
processHashBlock()
protected void
processMainBlock(byte[] output, int outOff)
protected int
processNonce(byte[] N)
void
reset()
Reset the cipher.protected void
reset(boolean clearMac)
protected static int
shiftLeft(byte[] block, byte[] output)
protected void
updateHASH(byte[] LSub)
protected static void
xor(byte[] block, byte[] val)
-
-
-
Constructor Detail
-
OCBBlockCipher
public OCBBlockCipher(BlockCipher hashCipher, BlockCipher mainCipher)
-
-
Method Detail
-
getUnderlyingCipher
public BlockCipher getUnderlyingCipher()
Description copied from interface:AEADBlockCipher
return theBlockCipher
this object wraps.- Specified by:
getUnderlyingCipher
in interfaceAEADBlockCipher
- Returns:
- the
BlockCipher
this object wraps.
-
getAlgorithmName
public java.lang.String getAlgorithmName()
Description copied from interface:AEADCipher
Return the name of the algorithm.- Specified by:
getAlgorithmName
in interfaceAEADCipher
- Returns:
- the algorithm name.
-
init
public void init(boolean forEncryption, CipherParameters parameters) throws java.lang.IllegalArgumentException
Description copied from interface:AEADCipher
initialise the underlying cipher. Parameter can either be an AEADParameters or a ParametersWithIV object.- Specified by:
init
in interfaceAEADCipher
- Parameters:
forEncryption
- true if we are setting up for encryption, false otherwise.parameters
- the necessary parameters for the underlying cipher to be initialised.- Throws:
java.lang.IllegalArgumentException
- if the params argument is inappropriate.
-
processNonce
protected int processNonce(byte[] N)
-
getMac
public byte[] getMac()
Description copied from interface:AEADCipher
Return the value of the MAC associated with the last stream processed.- Specified by:
getMac
in interfaceAEADCipher
- Returns:
- MAC for plaintext data.
-
getOutputSize
public int getOutputSize(int len)
Description copied from interface:AEADCipher
return the size of the output buffer required for a processBytes plus a doFinal with an input of len bytes.The returned size may be dependent on the initialisation of this cipher and may not be accurate once subsequent input data is processed - this method should be invoked immediately prior to a call to final processing of input data and a call to
AEADCipher.doFinal(byte[], int)
.- Specified by:
getOutputSize
in interfaceAEADCipher
- Parameters:
len
- the length of the input.- Returns:
- the space required to accommodate a call to processBytes and doFinal with len bytes of input.
-
getUpdateOutputSize
public int getUpdateOutputSize(int len)
Description copied from interface:AEADCipher
return the size of the output buffer required for a processBytes an input of len bytes.The returned size may be dependent on the initialisation of this cipher and may not be accurate once subsequent input data is processed - this method should be invoked immediately prior to input data being processed.
- Specified by:
getUpdateOutputSize
in interfaceAEADCipher
- Parameters:
len
- the length of the input.- Returns:
- the space required to accommodate a call to processBytes with len bytes of input.
-
processAADByte
public void processAADByte(byte input)
Description copied from interface:AEADCipher
Add a single byte to the associated data check.
If the implementation supports it, this will be an online operation and will not retain the associated data.- Specified by:
processAADByte
in interfaceAEADCipher
- Parameters:
input
- the byte to be processed.
-
processAADBytes
public void processAADBytes(byte[] input, int off, int len)
Description copied from interface:AEADCipher
Add a sequence of bytes to the associated data check.
If the implementation supports it, this will be an online operation and will not retain the associated data.- Specified by:
processAADBytes
in interfaceAEADCipher
- Parameters:
input
- the input byte array.off
- the offset into the in array where the data to be processed starts.len
- the number of bytes to be processed.
-
processByte
public int processByte(byte input, byte[] output, int outOff) throws DataLengthException
Description copied from interface:AEADCipher
encrypt/decrypt a single byte.- Specified by:
processByte
in interfaceAEADCipher
- Parameters:
input
- the byte to be processed.output
- the output buffer the processed byte goes into.outOff
- the offset into the output byte array the processed data starts at.- Returns:
- the number of bytes written to out.
- Throws:
DataLengthException
- if the output buffer is too small.
-
processBytes
public int processBytes(byte[] input, int inOff, int len, byte[] output, int outOff) throws DataLengthException
Description copied from interface:AEADCipher
process a block of bytes from in putting the result into out.- Specified by:
processBytes
in interfaceAEADCipher
- Parameters:
input
- the input byte array.inOff
- the offset into the in array where the data to be processed starts.len
- the number of bytes to be processed.output
- the output buffer the processed bytes go into.outOff
- the offset into the output byte array the processed data starts at.- Returns:
- the number of bytes written to out.
- Throws:
DataLengthException
- if the output buffer is too small.
-
doFinal
public int doFinal(byte[] output, int outOff) throws java.lang.IllegalStateException, InvalidCipherTextException
Description copied from interface:AEADCipher
Finish the operation either appending or verifying the MAC at the end of the data.- Specified by:
doFinal
in interfaceAEADCipher
- Parameters:
output
- space for any resulting output data.outOff
- offset into out to start copying the data at.- Returns:
- number of bytes written into out.
- Throws:
java.lang.IllegalStateException
- if the cipher is in an inappropriate state.InvalidCipherTextException
- if the MAC fails to match.
-
reset
public void reset()
Description copied from interface:AEADCipher
Reset the cipher. After resetting the cipher is in the same state as it was after the last init (if there was one).- Specified by:
reset
in interfaceAEADCipher
-
clear
protected void clear(byte[] bs)
-
getLSub
protected byte[] getLSub(int n)
-
processHashBlock
protected void processHashBlock()
-
processMainBlock
protected void processMainBlock(byte[] output, int outOff)
-
reset
protected void reset(boolean clearMac)
-
updateHASH
protected void updateHASH(byte[] LSub)
-
OCB_double
protected static byte[] OCB_double(byte[] block)
-
OCB_extend
protected static void OCB_extend(byte[] block, int pos)
-
OCB_ntz
protected static int OCB_ntz(long x)
-
shiftLeft
protected static int shiftLeft(byte[] block, byte[] output)
-
xor
protected static void xor(byte[] block, byte[] val)
-
-