org.bouncycastle.crypto.modes

Class OCBBlockCipher

java.lang.Object

org.bouncycastle.crypto.modes.OCBBlockCipher

All Implemented Interfaces:

AEADBlockCipher

public class OCBBlockCipher
extends java.lang.Object
implements AEADBlockCipher

An implementation of the "work in progress" Internet-Draft The OCB Authenticated-Encryption Algorithm, licensed per:

License for Open-Source Software Implementations of OCB (Jan 9, 2013) — “License 1”
Under this license, you are authorized to make, use, and distribute open-source software implementations of OCB. This license terminates for you if you sue someone over their open-source software implementation of OCB claiming that you have a patent covering their implementation.

This is a non-binding summary of a legal document (the link above). The parameters of the license are specified in the license document and that document is controlling.

Constructor Summary

Constructors

Constructor and Description
OCBBlockCipher(BlockCipher hashCipher, BlockCipher mainCipher)

Method Summary

Methods

Modifier and Type	Method and Description
protected void	clear(byte[] bs)
int	doFinal(byte[] output, int outOff) Finish the operation either appending or verifying the MAC at the end of the data.
java.lang.String	getAlgorithmName() Return the name of the algorithm.
protected byte[]	getLSub(int n)
byte[]	getMac() Return the value of the MAC associated with the last stream processed.
int	getOutputSize(int len) return the size of the output buffer required for a processBytes plus a doFinal with an input of len bytes.
BlockCipher	getUnderlyingCipher() return the cipher this object wraps.
int	getUpdateOutputSize(int len) return the size of the output buffer required for a processBytes an input of len bytes.
void	init(boolean forEncryption, CipherParameters parameters) initialise the underlying cipher.
protected static byte[]	OCB_double(byte[] block)
protected static void	OCB_extend(byte[] block, int pos)
protected static int	OCB_ntz(long x)
void	processAADByte(byte input) Add a single byte to the associated data check.
void	processAADBytes(byte[] input, int off, int len) Add a sequence of bytes to the associated data check.
int	processByte(byte input, byte[] output, int outOff) encrypt/decrypt a single byte.
int	processBytes(byte[] input, int inOff, int len, byte[] output, int outOff) process a block of bytes from in putting the result into out.
protected void	processHashBlock()
protected void	processMainBlock(byte[] output, int outOff)
void	reset() Reset the cipher.
protected void	reset(boolean clearMac)
protected static int	shiftLeft(byte[] block, byte[] output)
protected void	updateHASH(byte[] LSub)
protected static void	xor(byte[] block, byte[] val)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

OCBBlockCipher

public OCBBlockCipher(BlockCipher hashCipher,
              BlockCipher mainCipher)

Method Detail

getUnderlyingCipher

public BlockCipher getUnderlyingCipher()

Description copied from interface: AEADBlockCipher

return the cipher this object wraps.

Specified by:

getUnderlyingCipher in interface AEADBlockCipher

Returns:

the cipher this object wraps.

getAlgorithmName

public java.lang.String getAlgorithmName()

Description copied from interface: AEADBlockCipher

Return the name of the algorithm.

Specified by:

getAlgorithmName in interface AEADBlockCipher

Returns:

the algorithm name.

init

public void init(boolean forEncryption,
        CipherParameters parameters)
          throws java.lang.IllegalArgumentException

Description copied from interface: AEADBlockCipher

initialise the underlying cipher. Parameter can either be an AEADParameters or a ParametersWithIV object.

Specified by:

init in interface AEADBlockCipher

Parameters:

forEncryption - true if we are setting up for encryption, false otherwise.

parameters - the necessary parameters for the underlying cipher to be initialised.

Throws:

java.lang.IllegalArgumentException - if the params argument is inappropriate.

getMac

public byte[] getMac()

Description copied from interface: AEADBlockCipher

Return the value of the MAC associated with the last stream processed.

Specified by:

getMac in interface AEADBlockCipher

Returns:

MAC for plaintext data.

getOutputSize

public int getOutputSize(int len)

Description copied from interface: AEADBlockCipher

return the size of the output buffer required for a processBytes plus a doFinal with an input of len bytes.

Specified by:

getOutputSize in interface AEADBlockCipher

Parameters:

len - the length of the input.

Returns:

the space required to accommodate a call to processBytes and doFinal with len bytes of input.

getUpdateOutputSize

public int getUpdateOutputSize(int len)

Description copied from interface: AEADBlockCipher

return the size of the output buffer required for a processBytes an input of len bytes.

Specified by:

getUpdateOutputSize in interface AEADBlockCipher

Parameters:

len - the length of the input.

Returns:

the space required to accommodate a call to processBytes with len bytes of input.

processAADByte

public void processAADByte(byte input)

Description copied from interface: AEADBlockCipher

Add a single byte to the associated data check.
If the implementation supports it, this will be an online operation and will not retain the associated data.

Specified by:

processAADByte in interface AEADBlockCipher

Parameters:

input - the byte to be processed.

processAADBytes

public void processAADBytes(byte[] input,
                   int off,
                   int len)

Description copied from interface: AEADBlockCipher

Add a sequence of bytes to the associated data check.
If the implementation supports it, this will be an online operation and will not retain the associated data.

Specified by:

processAADBytes in interface AEADBlockCipher

Parameters:

input - the input byte array.

off - the offset into the in array where the data to be processed starts.

len - the number of bytes to be processed.

processByte

public int processByte(byte input,
              byte[] output,
              int outOff)
                throws DataLengthException

Description copied from interface: AEADBlockCipher

encrypt/decrypt a single byte.

Specified by:

processByte in interface AEADBlockCipher

Parameters:

input - the byte to be processed.

output - the output buffer the processed byte goes into.

outOff - the offset into the output byte array the processed data starts at.

Returns:

the number of bytes written to out.

Throws:

DataLengthException - if the output buffer is too small.

processBytes

public int processBytes(byte[] input,
               int inOff,
               int len,
               byte[] output,
               int outOff)
                 throws DataLengthException

Description copied from interface: AEADBlockCipher

process a block of bytes from in putting the result into out.

Specified by:

processBytes in interface AEADBlockCipher

Parameters:

input - the input byte array.

inOff - the offset into the in array where the data to be processed starts.

len - the number of bytes to be processed.

output - the output buffer the processed bytes go into.

outOff - the offset into the output byte array the processed data starts at.

Returns:

the number of bytes written to out.

Throws:

DataLengthException - if the output buffer is too small.

doFinal

public int doFinal(byte[] output,
          int outOff)
            throws java.lang.IllegalStateException,
                   InvalidCipherTextException

Description copied from interface: AEADBlockCipher

Finish the operation either appending or verifying the MAC at the end of the data.

Specified by:

doFinal in interface AEADBlockCipher

Parameters:

output - space for any resulting output data.

outOff - offset into out to start copying the data at.

Returns:

number of bytes written into out.

Throws:

java.lang.IllegalStateException - if the cipher is in an inappropriate state.

InvalidCipherTextException - if the MAC fails to match.

reset

public void reset()

Description copied from interface: AEADBlockCipher

Reset the cipher. After resetting the cipher is in the same state as it was after the last init (if there was one).

Specified by:

reset in interface AEADBlockCipher

clear

protected void clear(byte[] bs)

getLSub

protected byte[] getLSub(int n)

processHashBlock

protected void processHashBlock()

processMainBlock

protected void processMainBlock(byte[] output,
                    int outOff)

reset

protected void reset(boolean clearMac)

updateHASH

protected void updateHASH(byte[] LSub)

OCB_double

protected static byte[] OCB_double(byte[] block)

OCB_extend

protected static void OCB_extend(byte[] block,
              int pos)

OCB_ntz

protected static int OCB_ntz(long x)

shiftLeft

protected static int shiftLeft(byte[] block,
            byte[] output)

xor

protected static void xor(byte[] block,
       byte[] val)