1 /*
2  * Copyright (c) 2011, 2018, Oracle and/or its affiliates. All rights reserved.
3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4  *
5  * This code is free software; you can redistribute it and/or modify it
6  * under the terms of the GNU General Public License version 2 only, as
7  * published by the Free Software Foundation.  Oracle designates this
8  * particular file as subject to the "Classpath" exception as provided
9  * by Oracle in the LICENSE file that accompanied this code.
10  *
11  * This code is distributed in the hope that it will be useful, but WITHOUT
12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
14  * version 2 for more details (a copy is included in the LICENSE file that
15  * accompanied this code).
16  *
17  * You should have received a copy of the GNU General Public License version
18  * 2 along with this work; if not, write to the Free Software Foundation,
19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20  *
21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22  * or visit www.oracle.com if you need additional information or have any
23  * questions.
24  */
25 
26 package javax.crypto.spec;
27 
28 import java.security.spec.AlgorithmParameterSpec;
29 
30 /**
31  * Specifies the set of parameters required by a {@link
32  * javax.crypto.Cipher} using the Galois/Counter Mode (GCM) mode.
33  * <p>
34  * Simple block cipher modes (such as CBC) generally require only an
35  * initialization vector (such as {@code IvParameterSpec}),
36  * but GCM needs these parameters:
37  * <ul>
38  * <li>{@code IV}: Initialization Vector (IV) </li>
39  * <li>{@code tLen}: length (in bits) of authentication tag T</li>
40  * </ul>
41  * <p>
42  * In addition to the parameters described here, other GCM inputs/output
43  * (Additional Authenticated Data (AAD), Keys, block ciphers,
44  * plain/ciphertext and authentication tags) are handled in the {@code
45  * Cipher} class.
46  * <p>
47  * Please see <a href="http://www.ietf.org/rfc/rfc5116.txt"> RFC 5116
48  * </a> for more information on the Authenticated Encryption with
49  * Associated Data (AEAD) algorithm, and <a href=
50  * "http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf">
51  * NIST Special Publication 800-38D</a>, "NIST Recommendation for Block
52  * Cipher Modes of Operation:  Galois/Counter Mode (GCM) and GMAC."
53  * <p>
54  * The GCM specification states that {@code tLen} may only have the
55  * values {128, 120, 112, 104, 96}, or {64, 32} for certain
56  * applications.  Other values can be specified for this class, but not
57  * all CSP implementations will support them.
58  *
59  * @see javax.crypto.Cipher
60  *
61  * @since 1.7
62  */
63 public class GCMParameterSpec implements AlgorithmParameterSpec {
64 
65     // Initialization Vector.  Could use IvParameterSpec, but that
66     // would add extra copies.
67     private byte[] iv;
68 
69     // Required Tag length (in bits).
70     private int tLen;
71 
72     /**
73      * Constructs a GCMParameterSpec using the specified authentication
74      * tag bit-length and IV buffer.
75      *
76      * @param tLen the authentication tag length (in bits)
77      * @param src the IV source buffer.  The contents of the buffer are
78      * copied to protect against subsequent modification.
79      *
80      * @throws IllegalArgumentException if {@code tLen} is negative,
81      * or {@code src} is null.
82      */
GCMParameterSpec(int tLen, byte[] src)83     public GCMParameterSpec(int tLen, byte[] src) {
84         if (src == null) {
85             throw new IllegalArgumentException("src array is null");
86         }
87 
88         init(tLen, src, 0, src.length);
89     }
90 
91     /**
92      * Constructs a GCMParameterSpec object using the specified
93      * authentication tag bit-length and a subset of the specified
94      * buffer as the IV.
95      *
96      * @param tLen the authentication tag length (in bits)
97      * @param src the IV source buffer.  The contents of the
98      * buffer are copied to protect against subsequent modification.
99      * @param offset the offset in {@code src} where the IV starts
100      * @param len the number of IV bytes
101      *
102      * @throws IllegalArgumentException if {@code tLen} is negative,
103      * {@code src} is null, {@code len} or {@code offset} is negative,
104      * or the sum of {@code offset} and {@code len} is greater than the
105      * length of the {@code src} byte array.
106      */
GCMParameterSpec(int tLen, byte[] src, int offset, int len)107     public GCMParameterSpec(int tLen, byte[] src, int offset, int len) {
108         init(tLen, src, offset, len);
109     }
110 
111     /*
112      * Check input parameters.
113      */
init(int tLen, byte[] src, int offset, int len)114     private void init(int tLen, byte[] src, int offset, int len) {
115         if (tLen < 0) {
116             throw new IllegalArgumentException(
117                 "Length argument is negative");
118         }
119         this.tLen = tLen;
120 
121         // Input sanity check
122         if ((src == null) ||(len < 0) || (offset < 0)
123                 || (len > (src.length - offset))) {
124             throw new IllegalArgumentException("Invalid buffer arguments");
125         }
126 
127         iv = new byte[len];
128         System.arraycopy(src, offset, iv, 0, len);
129     }
130 
131     /**
132      * Returns the authentication tag length.
133      *
134      * @return the authentication tag length (in bits)
135      */
getTLen()136     public int getTLen() {
137         return tLen;
138     }
139 
140     /**
141      * Returns the Initialization Vector (IV).
142      *
143      * @return the IV.  Creates a new array each time this method
144      * is called.
145      */
getIV()146     public byte[] getIV() {
147         return iv.clone();
148     }
149 }
150