Class ElephantEngine

  • All Implemented Interfaces:
    AEADCipher

    public class ElephantEngine
    extends java.lang.Object
    Elephant AEAD v2, based on the current round 3 submission, https://www.esat.kuleuven.be/cosic/elephant/ Reference C implementation: https://github.com/TimBeyne/Elephant Specification: https://csrc.nist.gov/CSRC/media/Projects/lightweight-cryptography/documents/finalist-round/updated-spec-doc/elephant-spec-final.pdf
    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      protected void checkAAD()  
      protected boolean checkData​(boolean isDofinal)  
      int doFinal​(byte[] output, int outOff)
      Finish the operation either appending or verifying the MAC at the end of the data.
      protected void ensureInitialized()  
      protected void ensureSufficientInputBuffer​(byte[] input, int inOff, int len)  
      protected void ensureSufficientOutputBuffer​(byte[] output, int outOff, int len)  
      protected void finishAAD​(org.bouncycastle.crypto.engines.AEADBaseEngine.State nextState, boolean isDoFinal)  
      protected void finishAAD1​(org.bouncycastle.crypto.engines.AEADBaseEngine.State nextState)  
      protected void finishAAD2​(org.bouncycastle.crypto.engines.AEADBaseEngine.State nextState)  
      protected void finishAAD3​(org.bouncycastle.crypto.engines.AEADBaseEngine.State nextState, boolean isDoFinal)  
      java.lang.String getAlgorithmName()
      Return the name of the algorithm.
      int getBlockSize()  
      int getIVBytesSize()  
      int getKeyBytesSize()  
      byte[] getMac()
      Return the value of the MAC associated with the last stream processed.
      int getOutputSize​(int len)
      return the size of the output buffer required for a processBytes plus a doFinal with an input of len bytes.
      protected int getTotalBytesForUpdate​(int len)  
      int getUpdateOutputSize​(int len)
      return the size of the output buffer required for a processBytes an input of len bytes.
      void init​(boolean forEncryption, CipherParameters params)
      initialise the underlying cipher.
      protected void init​(byte[] k, byte[] iv)  
      void processAADByte​(byte input)
      Add a single byte to the associated data check.
      void processAADBytes​(byte[] input, int inOff, int len)
      Add a sequence of bytes to the associated data check.
      protected void processBufferAAD​(byte[] input, int inOff)  
      protected void processBufferDecrypt​(byte[] input, int inOff, byte[] output, int outOff)  
      protected void processBufferEncrypt​(byte[] input, int inOff, byte[] output, int outOff)  
      int processByte​(byte in, byte[] out, int outOff)
      encrypt/decrypt a single byte.
      int processBytes​(byte[] input, int inOff, int len, byte[] output, int outOff)
      process a block of bytes from in putting the result into out.
      protected int processEncDecByte​(byte[] output, int outOff)  
      protected int processEncDecBytes​(byte[] input, int inOff, int len, byte[] output, int outOff)  
      protected void processFinalAAD()  
      protected void processFinalBlock​(byte[] output, int outOff)  
      void reset()
      Reset the cipher.
      protected void reset​(boolean clearMac)  
      protected void setInnerMembers​(org.bouncycastle.crypto.engines.AEADBaseEngine.ProcessingBufferType type, org.bouncycastle.crypto.engines.AEADBaseEngine.AADOperatorType aadOperatorType, org.bouncycastle.crypto.engines.AEADBaseEngine.DataOperatorType dataOperatorType)  
      static void xorTo​(int len, byte[] x, byte[] y, byte[] z)  
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • forEncryption

        protected boolean forEncryption
      • algorithmName

        protected java.lang.String algorithmName
      • KEY_SIZE

        protected int KEY_SIZE
      • IV_SIZE

        protected int IV_SIZE
      • MAC_SIZE

        protected int MAC_SIZE
      • initialAssociatedText

        protected byte[] initialAssociatedText
      • mac

        protected byte[] mac
      • m_buf

        protected byte[] m_buf
      • m_aad

        protected byte[] m_aad
      • m_bufPos

        protected int m_bufPos
      • m_aadPos

        protected int m_aadPos
      • AADBufferSize

        protected int AADBufferSize
      • BlockSize

        protected int BlockSize
      • m_state

        protected org.bouncycastle.crypto.engines.AEADBaseEngine.State m_state
      • m_bufferSizeDecrypt

        protected int m_bufferSizeDecrypt
      • processor

        protected org.bouncycastle.crypto.engines.AEADBaseEngine.AADProcessingBuffer processor
      • aadOperator

        protected org.bouncycastle.crypto.engines.AEADBaseEngine.AADOperator aadOperator
      • dataOperator

        protected org.bouncycastle.crypto.engines.AEADBaseEngine.DataOperator dataOperator
    • Method Detail

      • init

        protected void init​(byte[] k,
                            byte[] iv)
                     throws java.lang.IllegalArgumentException
        Throws:
        java.lang.IllegalArgumentException
      • processBufferEncrypt

        protected void processBufferEncrypt​(byte[] input,
                                            int inOff,
                                            byte[] output,
                                            int outOff)
      • processBufferDecrypt

        protected void processBufferDecrypt​(byte[] input,
                                            int inOff,
                                            byte[] output,
                                            int outOff)
      • processFinalBlock

        protected void processFinalBlock​(byte[] output,
                                         int outOff)
      • processBufferAAD

        protected void processBufferAAD​(byte[] input,
                                        int inOff)
      • getUpdateOutputSize

        public int getUpdateOutputSize​(int len)
        Description copied from interface: AEADCipher
        return the size of the output buffer required for a processBytes an input of len bytes.

        The returned size may be dependent on the initialisation of this cipher and may not be accurate once subsequent input data is processed - this method should be invoked immediately prior to input data being processed.

        Specified by:
        getUpdateOutputSize in interface AEADCipher
        Parameters:
        len - the length of the input.
        Returns:
        the space required to accommodate a call to processBytes with len bytes of input.
      • getOutputSize

        public int getOutputSize​(int len)
        Description copied from interface: AEADCipher
        return the size of the output buffer required for a processBytes plus a doFinal with an input of len bytes.

        The returned size may be dependent on the initialisation of this cipher and may not be accurate once subsequent input data is processed - this method should be invoked immediately prior to a call to final processing of input data and a call to AEADCipher.doFinal(byte[], int).

        Specified by:
        getOutputSize in interface AEADCipher
        Parameters:
        len - the length of the input.
        Returns:
        the space required to accommodate a call to processBytes and doFinal with len bytes of input.
      • finishAAD

        protected void finishAAD​(org.bouncycastle.crypto.engines.AEADBaseEngine.State nextState,
                                 boolean isDoFinal)
      • processFinalAAD

        protected void processFinalAAD()
      • reset

        protected void reset​(boolean clearMac)
      • checkAAD

        protected void checkAAD()
      • checkData

        protected boolean checkData​(boolean isDofinal)
      • xorTo

        public static void xorTo​(int len,
                                 byte[] x,
                                 byte[] y,
                                 byte[] z)
      • getAlgorithmName

        public java.lang.String getAlgorithmName()
        Description copied from interface: AEADCipher
        Return the name of the algorithm.
        Specified by:
        getAlgorithmName in interface AEADCipher
        Returns:
        the algorithm name.
      • getKeyBytesSize

        public int getKeyBytesSize()
      • getIVBytesSize

        public int getIVBytesSize()
      • getMac

        public byte[] getMac()
        Description copied from interface: AEADCipher
        Return the value of the MAC associated with the last stream processed.
        Specified by:
        getMac in interface AEADCipher
        Returns:
        MAC for plaintext data.
      • init

        public void init​(boolean forEncryption,
                         CipherParameters params)
        Description copied from interface: AEADCipher
        initialise the underlying cipher. Parameter can either be an AEADParameters or a ParametersWithIV object.
        Specified by:
        init in interface AEADCipher
        Parameters:
        forEncryption - true if we are setting up for encryption, false otherwise.
        params - the necessary parameters for the underlying cipher to be initialised.
      • reset

        public void reset()
        Description copied from interface: AEADCipher
        Reset the cipher. After resetting the cipher is in the same state as it was after the last init (if there was one).
        Specified by:
        reset in interface AEADCipher
      • setInnerMembers

        protected void setInnerMembers​(org.bouncycastle.crypto.engines.AEADBaseEngine.ProcessingBufferType type,
                                       org.bouncycastle.crypto.engines.AEADBaseEngine.AADOperatorType aadOperatorType,
                                       org.bouncycastle.crypto.engines.AEADBaseEngine.DataOperatorType dataOperatorType)
      • processAADByte

        public void processAADByte​(byte input)
        Description copied from interface: AEADCipher
        Add a single byte to the associated data check.
        If the implementation supports it, this will be an online operation and will not retain the associated data.
        Specified by:
        processAADByte in interface AEADCipher
        Parameters:
        input - the byte to be processed.
      • processAADBytes

        public void processAADBytes​(byte[] input,
                                    int inOff,
                                    int len)
        Description copied from interface: AEADCipher
        Add a sequence of bytes to the associated data check.
        If the implementation supports it, this will be an online operation and will not retain the associated data.
        Specified by:
        processAADBytes in interface AEADCipher
        Parameters:
        input - the input byte array.
        inOff - the offset into the in array where the data to be processed starts.
        len - the number of bytes to be processed.
      • processByte

        public int processByte​(byte in,
                               byte[] out,
                               int outOff)
                        throws DataLengthException
        Description copied from interface: AEADCipher
        encrypt/decrypt a single byte.
        Specified by:
        processByte in interface AEADCipher
        Parameters:
        in - the byte to be processed.
        out - the output buffer the processed byte goes into.
        outOff - the offset into the output byte array the processed data starts at.
        Returns:
        the number of bytes written to out.
        Throws:
        DataLengthException - if the output buffer is too small.
      • processEncDecByte

        protected int processEncDecByte​(byte[] output,
                                        int outOff)
      • processBytes

        public int processBytes​(byte[] input,
                                int inOff,
                                int len,
                                byte[] output,
                                int outOff)
                         throws DataLengthException
        Description copied from interface: AEADCipher
        process a block of bytes from in putting the result into out.
        Specified by:
        processBytes in interface AEADCipher
        Parameters:
        input - the input byte array.
        inOff - the offset into the in array where the data to be processed starts.
        len - the number of bytes to be processed.
        output - the output buffer the processed bytes go into.
        outOff - the offset into the output byte array the processed data starts at.
        Returns:
        the number of bytes written to out.
        Throws:
        DataLengthException - if the output buffer is too small.
      • processEncDecBytes

        protected int processEncDecBytes​(byte[] input,
                                         int inOff,
                                         int len,
                                         byte[] output,
                                         int outOff)
      • doFinal

        public int doFinal​(byte[] output,
                           int outOff)
                    throws java.lang.IllegalStateException,
                           InvalidCipherTextException
        Description copied from interface: AEADCipher
        Finish the operation either appending or verifying the MAC at the end of the data.
        Specified by:
        doFinal in interface AEADCipher
        Parameters:
        output - space for any resulting output data.
        outOff - offset into out to start copying the data at.
        Returns:
        number of bytes written into out.
        Throws:
        java.lang.IllegalStateException - if the cipher is in an inappropriate state.
        InvalidCipherTextException - if the MAC fails to match.
      • getBlockSize

        public final int getBlockSize()
      • getTotalBytesForUpdate

        protected int getTotalBytesForUpdate​(int len)
      • ensureSufficientOutputBuffer

        protected final void ensureSufficientOutputBuffer​(byte[] output,
                                                          int outOff,
                                                          int len)
      • ensureSufficientInputBuffer

        protected final void ensureSufficientInputBuffer​(byte[] input,
                                                         int inOff,
                                                         int len)
      • ensureInitialized

        protected final void ensureInitialized()
      • finishAAD1

        protected void finishAAD1​(org.bouncycastle.crypto.engines.AEADBaseEngine.State nextState)
      • finishAAD2

        protected void finishAAD2​(org.bouncycastle.crypto.engines.AEADBaseEngine.State nextState)
      • finishAAD3

        protected void finishAAD3​(org.bouncycastle.crypto.engines.AEADBaseEngine.State nextState,
                                  boolean isDoFinal)