1/*
2 * Copyright (c) 2011, 2013, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.  Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26package javax.crypto.spec;
27
28import java.security.spec.AlgorithmParameterSpec;
29
30/**
31 * Specifies the set of parameters required by a {@link
32 * javax.crypto.Cipher} using the Galois/Counter Mode (GCM) mode.
33 * <p>
34 * Simple block cipher modes (such as CBC) generally require only an
35 * initialization vector (such as {@code IvParameterSpec}),
36 * but GCM needs these parameters:
37 * <ul>
38 * <li>{@code IV}: Initialization Vector (IV) </li>
39 * <li>{@code tLen}: length (in bits) of authentication tag T</li>
40 * </ul>
41 * <p>
42 * In addition to the parameters described here, other GCM inputs/output
43 * (Additional Authenticated Data (AAD), Keys, block ciphers,
44 * plain/ciphertext and authentication tags) are handled in the {@code
45 * Cipher} class.
46 * <p>
47 * Please see <a href="http://www.ietf.org/rfc/rfc5116.txt"> RFC 5116
48 * </a> for more information on the Authenticated Encryption with
49 * Associated Data (AEAD) algorithm, and <a href=
50 * "http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf">
51 * NIST Special Publication 800-38D</a>, "NIST Recommendation for Block
52 * Cipher Modes of Operation:  Galois/Counter Mode (GCM) and GMAC."
53 * <p>
54 * The GCM specification states that {@code tLen} may only have the
55 * values {128, 120, 112, 104, 96}, or {64, 32} for certain
56 * applications.  Other values can be specified for this class, but not
57 * all CSP implementations will support them.
58 *
59 * @see javax.crypto.Cipher
60 *
61 * @since 1.7
62 */
63public class GCMParameterSpec implements AlgorithmParameterSpec {
64
65    // Initialization Vector.  Could use IvParameterSpec, but that
66    // would add extra copies.
67    private byte[] iv;
68
69    // Required Tag length (in bits).
70    private int tLen;
71
72    /**
73     * Constructs a GCMParameterSpec using the specified authentication
74     * tag bit-length and IV buffer.
75     *
76     * @param tLen the authentication tag length (in bits)
77     * @param src the IV source buffer.  The contents of the buffer are
78     * copied to protect against subsequent modification.
79     *
80     * @throws IllegalArgumentException if {@code tLen} is negative,
81     * or {@code src} is null.
82     */
83    public GCMParameterSpec(int tLen, byte[] src) {
84        if (src == null) {
85            throw new IllegalArgumentException("src array is null");
86        }
87
88        init(tLen, src, 0, src.length);
89    }
90
91    /**
92     * Constructs a GCMParameterSpec object using the specified
93     * authentication tag bit-length and a subset of the specified
94     * buffer as the IV.
95     *
96     * @param tLen the authentication tag length (in bits)
97     * @param src the IV source buffer.  The contents of the
98     * buffer are copied to protect against subsequent modification.
99     * @param offset the offset in {@code src} where the IV starts
100     * @param len the number of IV bytes
101     *
102     * @throws IllegalArgumentException if {@code tLen} is negative,
103     * {@code src} is null, {@code len} or {@code offset} is negative,
104     * or the sum of {@code offset} and {@code len} is greater than the
105     * length of the {@code src} byte array.
106     */
107    public GCMParameterSpec(int tLen, byte[] src, int offset, int len) {
108        init(tLen, src, offset, len);
109    }
110
111    /*
112     * Check input parameters.
113     */
114    private void init(int tLen, byte[] src, int offset, int len) {
115        if (tLen < 0) {
116            throw new IllegalArgumentException(
117                "Length argument is negative");
118        }
119        this.tLen = tLen;
120
121        // Input sanity check
122        if ((src == null) ||(len < 0) || (offset < 0)
123                || ((len + offset) > src.length)) {
124            throw new IllegalArgumentException("Invalid buffer arguments");
125        }
126
127        iv = new byte[len];
128        System.arraycopy(src, offset, iv, 0, len);
129    }
130
131    /**
132     * Returns the authentication tag length.
133     *
134     * @return the authentication tag length (in bits)
135     */
136    public int getTLen() {
137        return tLen;
138    }
139
140    /**
141     * Returns the Initialization Vector (IV).
142     *
143     * @return the IV.  Creates a new array each time this method
144     * is called.
145     */
146    public byte[] getIV() {
147        return iv.clone();
148    }
149}
150