jdk/src/jdk.crypto.ucrypto/solaris/classes/com/oracle/security/ucrypto/GCMParameters.java
author roland
Wed, 03 Feb 2016 12:36:18 +0100
changeset 36065 4f0e0cb7b016
parent 35302 e4d2275861c3
permissions -rw-r--r--
8143542: C2 doesn't eliminate identical checks Summary: Two identical Ifs back to back can be merged Reviewed-by: kvn

/*
 * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

package com.oracle.security.ucrypto;

import java.io.IOException;
import java.util.Arrays;
import java.security.AlgorithmParametersSpi;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidParameterSpecException;
import javax.crypto.spec.GCMParameterSpec;
import sun.security.util.*;

/**
 * This class implements the parameter set used with GCM mode
 * which is defined in RFC5084 as follows:
 *
 * <pre>
 * GCMParameters ::= SEQUENCE {
 *   aes-nonce        OCTET STRING, -- recommended size is 12 octets
 *   aes-ICVlen       AES-GCM-ICVlen DEFAULT 12 }
 *
 * where
 * AES-GCM-ICVlen ::= INTEGER (12 | 13 | 14 | 15 | 16)
 * NOTE: however, NIST 800-38D also lists 4 (32bit) and 8 (64bit)
 * as possible AES-GCM-ICVlen values, so we allow all 6 values.
 * </pre>
 *
 * @since 9
 */
public final class GCMParameters extends AlgorithmParametersSpi {

    private byte[] iv; // i.e. aes-nonce
    private int tLen; // i.e. aes-ICVlen, in bytes

    public GCMParameters() {}

    private void setValues(byte[] iv, int tLen) throws IOException {
        if (iv == null) {
            throw new IOException("IV cannot be null");
        }
        if (tLen != 4 && tLen != 8 && (tLen < 12 || tLen > 16)) {
            throw new IOException("Unsupported tag length: " + tLen);
        }
        this.iv = iv;
        this.tLen = tLen;
    }

    protected byte[] engineGetEncoded() throws IOException {
        DerOutputStream out = new DerOutputStream();
        DerOutputStream bytes = new DerOutputStream();

        bytes.putOctetString(iv);
        bytes.putInteger(tLen);
        out.write(DerValue.tag_Sequence, bytes);
        return out.toByteArray();
    }

    protected byte[] engineGetEncoded(String format) throws IOException {
        // ignore format for now
        return engineGetEncoded();
    }

    protected <T extends AlgorithmParameterSpec>
            T engineGetParameterSpec(Class<T> paramSpec)
        throws InvalidParameterSpecException {
        if (GCMParameterSpec.class.isAssignableFrom(paramSpec)) {
            return paramSpec.cast(new GCMParameterSpec(tLen*8, iv.clone()));
        } else {
            throw new InvalidParameterSpecException
                ("Inappropriate parameter specification. Received " +
                paramSpec.getClass().getName());
        }
    }

    protected void engineInit(AlgorithmParameterSpec paramSpec)
        throws InvalidParameterSpecException {
        if (!(paramSpec instanceof GCMParameterSpec)) {
            throw new InvalidParameterSpecException
                ("Inappropriate parameter specification. Received " +
                paramSpec.getClass().getName());
        }
        GCMParameterSpec gcmSpec = (GCMParameterSpec) paramSpec;
        try {
            setValues(gcmSpec.getIV(), gcmSpec.getTLen()/8);
        } catch (IOException ioe) {
            throw new InvalidParameterSpecException(ioe.getMessage());
        }
    }

    protected void engineInit(byte[] encoded) throws IOException {
        DerValue val = new DerValue(encoded);
        if (val.tag == DerValue.tag_Sequence) {
            val.data.reset();
            setValues(val.data.getOctetString(), val.data.getInteger());
        } else {
            throw new IOException("GCM parameter parsing error: SEQ tag expected." +
                " Received: " + val.tag);
        }
    }

    protected void engineInit(byte[] encoded, String format)
        throws IOException {
        // ignore format for now
        engineInit(encoded);
    }

    protected String engineToString() {
        return ("IV=" + Arrays.toString(iv) + ", tLen=" + tLen * 8);
    }
}