List of usage examples for org.bouncycastle.crypto.params AEADParameters getKey
public KeyParameter getKey()
From source file:freenet.crypt.OCBBlockCipher_v149.java
License:Open Source License
public void init(boolean forEncryption, CipherParameters parameters) throws IllegalArgumentException { this.forEncryption = forEncryption; this.macBlock = null; KeyParameter keyParameter;//from w ww . j a va2 s . co m byte[] N; if (parameters instanceof AEADParameters) { AEADParameters aeadParameters = (AEADParameters) parameters; N = aeadParameters.getNonce(); initialAssociatedText = aeadParameters.getAssociatedText(); int macSizeBits = aeadParameters.getMacSize(); if (macSizeBits < 64 || macSizeBits > 128 || macSizeBits % 8 != 0) { throw new IllegalArgumentException("Invalid value for MAC size: " + macSizeBits); } macSize = macSizeBits / 8; keyParameter = aeadParameters.getKey(); } else if (parameters instanceof ParametersWithIV) { ParametersWithIV parametersWithIV = (ParametersWithIV) parameters; N = parametersWithIV.getIV(); initialAssociatedText = null; macSize = 16; keyParameter = (KeyParameter) parametersWithIV.getParameters(); } else { throw new IllegalArgumentException("invalid parameters passed to OCB"); } this.hashBlock = new byte[16]; this.mainBlock = new byte[forEncryption ? BLOCK_SIZE : (BLOCK_SIZE + macSize)]; if (N == null) { N = new byte[0]; } /* * TODO There's currently a thread on CFRG * (http://www.ietf.org/mail-archive/web/cfrg/current/msg03433.html) debating including * (macSize % 128) in the nonce, in which case this test becomes simpler: */ // if (N.length > 15) // { // throw new IllegalArgumentException("IV must be no more than 120 bits"); // } if (N.length > 16 || (N.length == 16 && (N[0] & 0x80) != 0)) { /* * NOTE: We don't just ignore bit 128 because it would hide from the caller the fact * that two nonces differing only in bit 128 are not different. */ throw new IllegalArgumentException("IV must be no more than 127 bits"); } /* * KEY-DEPENDENT INITIALISATION */ if (keyParameter == null) { // TODO If 'keyParameter' is null we're re-using the last key. } // hashCipher always used in forward mode hashCipher.init(true, keyParameter); mainCipher.init(forEncryption, keyParameter); this.L_Asterisk = new byte[16]; hashCipher.processBlock(L_Asterisk, 0, L_Asterisk, 0); this.L_Dollar = OCB_double(L_Asterisk); this.L = new Vector(); this.L.addElement(OCB_double(L_Dollar)); /* * NONCE-DEPENDENT AND PER-ENCRYPTION/DECRYPTION INITIALISATION */ byte[] nonce = new byte[16]; System.arraycopy(N, 0, nonce, nonce.length - N.length, N.length); /* * TODO There's currently a thread on CFRG * (http://www.ietf.org/mail-archive/web/cfrg/current/msg03433.html) debating including * (macSize % 128) in the nonce, in which case this code becomes simpler: */ // nonce[0] = (byte)(macSize << 4); // nonce[15 - N.length] |= 1; if (N.length == 16) { nonce[0] &= 0x80; } else { nonce[15 - N.length] = 1; } int bottom = nonce[15] & 0x3F; // System.out.println("bottom: " + bottom); byte[] Ktop = new byte[16]; nonce[15] &= 0xC0; hashCipher.processBlock(nonce, 0, Ktop, 0); byte[] Stretch = new byte[24]; System.arraycopy(Ktop, 0, Stretch, 0, 16); for (int i = 0; i < 8; ++i) { Stretch[16 + i] = (byte) (Ktop[i] ^ Ktop[i + 1]); } this.OffsetMAIN_0 = new byte[16]; int bits = bottom % 8, bytes = bottom / 8; if (bits == 0) { System.arraycopy(Stretch, bytes, OffsetMAIN_0, 0, 16); } else { for (int i = 0; i < 16; ++i) { int b1 = Stretch[bytes] & 0xff; int b2 = Stretch[++bytes] & 0xff; this.OffsetMAIN_0[i] = (byte) ((b1 << bits) | (b2 >>> (8 - bits))); } } this.hashBlockPos = 0; this.mainBlockPos = 0; this.hashBlockCount = 0; this.mainBlockCount = 0; this.OffsetHASH = new byte[16]; this.Sum = new byte[16]; this.OffsetMAIN = Arrays.clone(this.OffsetMAIN_0); this.Checksum = new byte[16]; if (initialAssociatedText != null) { processAADBytes(initialAssociatedText, 0, initialAssociatedText.length); } }