| /* |
| * Copyright (c) 2011, 2013, Oracle and/or its affiliates. All rights reserved. |
| * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
| * |
| * This code is free software; you can redistribute it and/or modify it |
| * under the terms of the GNU General Public License version 2 only, as |
| * published by the Free Software Foundation. Oracle designates this |
| * particular file as subject to the "Classpath" exception as provided |
| * by Oracle in the LICENSE file that accompanied this code. |
| * |
| * This code is distributed in the hope that it will be useful, but WITHOUT |
| * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
| * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
| * version 2 for more details (a copy is included in the LICENSE file that |
| * accompanied this code). |
| * |
| * You should have received a copy of the GNU General Public License version |
| * 2 along with this work; if not, write to the Free Software Foundation, |
| * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
| * |
| * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
| * or visit www.oracle.com if you need additional information or have any |
| * questions. |
| */ |
| |
| package javax.crypto.spec; |
| |
| import java.security.spec.AlgorithmParameterSpec; |
| |
| /** |
| * Specifies the set of parameters required by a {@link |
| * javax.crypto.Cipher} using the Galois/Counter Mode (GCM) mode. |
| * <p> |
| * Simple block cipher modes (such as CBC) generally require only an |
| * initialization vector (such as {@code IvParameterSpec}), |
| * but GCM needs these parameters: |
| * <ul> |
| * <li>{@code IV}: Initialization Vector (IV) </li> |
| * <li>{@code tLen}: length (in bits) of authentication tag T</li> |
| * </ul> |
| * <p> |
| * In addition to the parameters described here, other GCM inputs/output |
| * (Additional Authenticated Data (AAD), Keys, block ciphers, |
| * plain/ciphertext and authentication tags) are handled in the {@code |
| * Cipher} class. |
| * <p> |
| * Please see <a href="http://www.ietf.org/rfc/rfc5116.txt"> RFC 5116 |
| * </a> for more information on the Authenticated Encryption with |
| * Associated Data (AEAD) algorithm, and <a href= |
| * "http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf"> |
| * NIST Special Publication 800-38D</a>, "NIST Recommendation for Block |
| * Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC." |
| * <p> |
| * The GCM specification states that {@code tLen} may only have the |
| * values {128, 120, 112, 104, 96}, or {64, 32} for certain |
| * applications. Other values can be specified for this class, but not |
| * all CSP implementations will support them. |
| * |
| * @see javax.crypto.Cipher |
| * |
| * @since 1.7 |
| */ |
| public class GCMParameterSpec implements AlgorithmParameterSpec { |
| |
| // Initialization Vector. Could use IvParameterSpec, but that |
| // would add extra copies. |
| private byte[] iv; |
| |
| // Required Tag length (in bits). |
| private int tLen; |
| |
| /** |
| * Constructs a GCMParameterSpec using the specified authentication |
| * tag bit-length and IV buffer. |
| * |
| * @param tLen the authentication tag length (in bits) |
| * @param src the IV source buffer. The contents of the buffer are |
| * copied to protect against subsequent modification. |
| * |
| * @throws IllegalArgumentException if {@code tLen} is negative, |
| * or {@code src} is null. |
| */ |
| public GCMParameterSpec(int tLen, byte[] src) { |
| if (src == null) { |
| throw new IllegalArgumentException("src array is null"); |
| } |
| |
| init(tLen, src, 0, src.length); |
| } |
| |
| /** |
| * Constructs a GCMParameterSpec object using the specified |
| * authentication tag bit-length and a subset of the specified |
| * buffer as the IV. |
| * |
| * @param tLen the authentication tag length (in bits) |
| * @param src the IV source buffer. The contents of the |
| * buffer are copied to protect against subsequent modification. |
| * @param offset the offset in {@code src} where the IV starts |
| * @param len the number of IV bytes |
| * |
| * @throws IllegalArgumentException if {@code tLen} is negative, |
| * {@code src} is null, {@code len} or {@code offset} is negative, |
| * or the sum of {@code offset} and {@code len} is greater than the |
| * length of the {@code src} byte array. |
| */ |
| public GCMParameterSpec(int tLen, byte[] src, int offset, int len) { |
| init(tLen, src, offset, len); |
| } |
| |
| /* |
| * Check input parameters. |
| */ |
| private void init(int tLen, byte[] src, int offset, int len) { |
| if (tLen < 0) { |
| throw new IllegalArgumentException( |
| "Length argument is negative"); |
| } |
| this.tLen = tLen; |
| |
| // Input sanity check |
| if ((src == null) ||(len < 0) || (offset < 0) |
| || ((len + offset) > src.length)) { |
| throw new IllegalArgumentException("Invalid buffer arguments"); |
| } |
| |
| iv = new byte[len]; |
| System.arraycopy(src, offset, iv, 0, len); |
| } |
| |
| /** |
| * Returns the authentication tag length. |
| * |
| * @return the authentication tag length (in bits) |
| */ |
| public int getTLen() { |
| return tLen; |
| } |
| |
| /** |
| * Returns the Initialization Vector (IV). |
| * |
| * @return the IV. Creates a new array each time this method |
| * is called. |
| */ |
| public byte[] getIV() { |
| return iv.clone(); |
| } |
| } |