New src/jdk.crypto.ucrypto/solaris/classes/com/oracle/security/ucrypto/GCMParameters.java

   1 /*
   2  * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 package com.oracle.security.ucrypto;
  27 
  28 import java.io.IOException;
  29 import java.util.Arrays;
  30 import java.security.AlgorithmParametersSpi;
  31 import java.security.spec.AlgorithmParameterSpec;
  32 import java.security.spec.InvalidParameterSpecException;
  33 import javax.crypto.spec.GCMParameterSpec;
  34 import sun.security.util.*;
  35 
  36 /**
  37  * This class implements the parameter set used with GCM mode
  38  * which is defined in RFC5084 as follows:
  39  *
  40  * <pre>
  41  * GCMParameters ::= SEQUENCE {
  42  *   aes-nonce        OCTET STRING, -- recommended size is 12 octets
  43  *   aes-ICVlen       AES-GCM-ICVlen DEFAULT 12 }
  44  *
  45  * where
  46  * AES-GCM-ICVlen ::= INTEGER (12 | 13 | 14 | 15 | 16)
  47  * NOTE: however, NIST 800-38D also lists 4 (32bit) and 8 (64bit)
  48  * as possible AES-GCM-ICVlen values, so we allow all 6 values.
  49  * </pre>
  50  *
  51  * @since 1.9
  52  */
  53 public final class GCMParameters extends AlgorithmParametersSpi {
  54 
  55     private byte[] iv; // i.e. aes-nonce
  56     private int tLen; // i.e. aes-ICVlen, in bytes
  57 
  58     public GCMParameters() {}
  59 
  60     private void setValues(byte[] iv, int tLen) throws IOException {
  61         if (iv == null) {
  62             throw new IOException("IV cannot be null");
  63         }
  64         if (tLen != 4 && tLen != 8 && (tLen < 12 || tLen > 16)) {
  65             throw new IOException("Unsupported tag length: " + tLen);
  66         }
  67         this.iv = iv;
  68         this.tLen = tLen;
  69     }
  70 
  71     protected byte[] engineGetEncoded() throws IOException {
  72         DerOutputStream out = new DerOutputStream();
  73         DerOutputStream bytes = new DerOutputStream();
  74 
  75         bytes.putOctetString(iv);
  76         bytes.putInteger(tLen);
  77         out.write(DerValue.tag_Sequence, bytes);
  78         return out.toByteArray();
  79     }
  80 
  81     protected byte[] engineGetEncoded(String format) throws IOException {
  82         // ignore format for now
  83         return engineGetEncoded();
  84     }
  85 
  86     protected <T extends AlgorithmParameterSpec>
  87             T engineGetParameterSpec(Class<T> paramSpec)
  88         throws InvalidParameterSpecException {
  89         if (GCMParameterSpec.class.isAssignableFrom(paramSpec)) {
  90             return paramSpec.cast(new GCMParameterSpec(tLen*8, iv.clone()));
  91         } else {
  92             throw new InvalidParameterSpecException
  93                 ("Inappropriate parameter specification");
  94         }
  95     }
  96 
  97     protected void engineInit(AlgorithmParameterSpec paramSpec)
  98         throws InvalidParameterSpecException {
  99         if (!(paramSpec instanceof GCMParameterSpec)) {
 100             throw new InvalidParameterSpecException
 101                 ("Inappropriate parameter specification");
 102         }
 103         GCMParameterSpec gcmSpec = (GCMParameterSpec) paramSpec;
 104         try {
 105             setValues(gcmSpec.getIV(), gcmSpec.getTLen()/8);
 106         } catch (IOException ioe) {
 107             throw new InvalidParameterSpecException(ioe.getMessage());
 108         }
 109     }
 110 
 111     protected void engineInit(byte[] encoded) throws IOException {
 112         DerValue val = new DerValue(encoded);
 113         if (val.tag == DerValue.tag_Sequence) {
 114             val.data.reset();
 115             setValues(val.data.getOctetString(), val.data.getInteger());
 116         } else {
 117             throw new IOException("GCM parameter parsing error: SEQ tag expected");
 118         }
 119     }
 120 
 121     protected void engineInit(byte[] encoded, String format)
 122         throws IOException {
 123         // ignore format for now
 124         engineInit(encoded);
 125     }
 126 
 127     protected String engineToString() {
 128         return ("IV=" + Arrays.toString(iv) + ", tLen=" + tLen * 8);
 129     }
 130 }