org.bouncycastle.jcajce.provider.AuthParametersCreator Maven / Gradle / Ivy

Go to download

Show more of this group Show more artifacts with this name
Show all versions of bc-fips-debug Show documentation

The FIPS 140-2 Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms certified to FIPS 140-2 level 1. This jar contains the debug version JCE provider and low-level API for the BC-FJA version 1.0.2.3, FIPS Certificate #3514. Please note the debug jar is not certified.

There is a newer version: 2.0.0

Show newest version

package org.bouncycastle.jcajce.provider;

import java.security.InvalidAlgorithmParameterException;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;

import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.RC2ParameterSpec;

import org.bouncycastle.crypto.AuthenticationParameters;
import org.bouncycastle.crypto.AuthenticationParametersWithIV;
import org.bouncycastle.internal.asn1.cms.GCMParameters;
import org.bouncycastle.jcajce.spec.AEADParameterSpec;

class AuthParametersCreator
    implements ParametersCreator, MacParametersCreator
{
    private final AuthenticationParametersWithIV baseParameters;

    AuthParametersCreator(AuthenticationParametersWithIV baseParameters)
    {
        this.baseParameters = baseParameters;
    }

    public AuthenticationParameters getBaseParameters()
    {
        return baseParameters;
    }

    public AuthenticationParameters createParameters(boolean forEncryption, AlgorithmParameterSpec spec, SecureRandom random)
        throws InvalidAlgorithmParameterException
    {
        if (spec instanceof AEADParameterSpec)
        {
            AEADParameterSpec ivTagSpec = (AEADParameterSpec)spec;

            return (AuthenticationParameters)baseParameters.withIV(ivTagSpec.getNonce()).withMACSize(ivTagSpec.getMacSizeInBits());
        }

        if (spec instanceof IvParameterSpec)
        {
            return baseParameters.withIV(((IvParameterSpec)spec).getIV());
        }

        if (GcmSpecUtil.isGcmSpec(spec))
        {
            try
            {
                GCMParameters gcm = GcmSpecUtil.extractGcmParameters(spec);
                return (AuthenticationParameters)baseParameters.withIV(gcm.getNonce()).withMACSize(gcm.getIcvLen() * 8);
            }
            catch (Exception e)
            {
                throw new InvalidAlgorithmParameterException("Cannot process GCMParameterSpec: " + e.getMessage(), e);
            }
        }

        if (spec instanceof RC2ParameterSpec)
        {
            return baseParameters.withIV(((RC2ParameterSpec)spec).getIV());
        }

        if (spec != null)
        {
            throw new InvalidAlgorithmParameterException("Unknown AlgorithmParameterSpec found: " + spec.getClass().getName());
        }

        if (forEncryption && baseParameters.getAlgorithm().requiresAlgorithmParameters())
        {
            return baseParameters.withIV(random);
        }

        return baseParameters;
    }
}