Package com.nimbusds.jose.crypto.impl

Class AESCBC

java.lang.Object

com.nimbusds.jose.crypto.impl.AESCBC

@ThreadSafe
public class AESCBC
extends java.lang.Object

AES/CBC/PKCS5Padding and AES/CBC/PKCS5Padding/HMAC-SHA2 encryption and decryption methods. This class is thread-safe.

Also supports the deprecated AES/CBC/HMAC encryption using a custom concat KDF (JOSE draft suite 08).

See RFC 7518 (JWA), section 5.2.

Version:

2022-01-24

Author:

Vladimir Dzhuvinov, Axel Nennker

Field Summary

Fields

Modifier and Type	Field	Description
static int	IV_BIT_LENGTH	The standard Initialisation Vector (IV) length (128 bits).

Method Summary

Modifier and Type	Method	Description
static byte[]	decrypt(javax.crypto.SecretKey secretKey, byte[] iv, byte[] cipherText, java.security.Provider provider)	Decrypts the specified cipher text using AES/CBC/PKCS5Padding.
static byte[]	decryptAuthenticated(javax.crypto.SecretKey secretKey, byte[] iv, byte[] cipherText, byte[] aad, byte[] authTag, java.security.Provider ceProvider, java.security.Provider macProvider)	Decrypts the specified cipher text using AES/CBC/PKCS5Padding/ HMAC-SHA2.
static byte[]	decryptWithConcatKDF(JWEHeader header, javax.crypto.SecretKey secretKey, Base64URL encryptedKey, Base64URL iv, Base64URL cipherText, Base64URL authTag, java.security.Provider ceProvider, java.security.Provider macProvider)	Decrypts the specified cipher text using the deprecated concat KDF from JOSE draft suite 09.
static byte[]	encrypt(javax.crypto.SecretKey secretKey, byte[] iv, byte[] plainText, java.security.Provider provider)	Encrypts the specified plain text using AES/CBC/PKCS5Padding.
static AuthenticatedCipherText	encryptAuthenticated(javax.crypto.SecretKey secretKey, byte[] iv, byte[] plainText, byte[] aad, java.security.Provider ceProvider, java.security.Provider macProvider)	Encrypts the specified plain text using AES/CBC/PKCS5Padding/ HMAC-SHA2.
static AuthenticatedCipherText	encryptWithConcatKDF(JWEHeader header, javax.crypto.SecretKey secretKey, Base64URL encryptedKey, byte[] iv, byte[] plainText, java.security.Provider ceProvider, java.security.Provider macProvider)	Encrypts the specified plain text using the deprecated concat KDF from JOSE draft suite 09.
static byte[]	generateIV(java.security.SecureRandom randomGen)	Generates a random 128 bit (16 byte) Initialisation Vector(IV) for use in AES-CBC encryption.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

IV_BIT_LENGTH

public static final int IV_BIT_LENGTH

The standard Initialisation Vector (IV) length (128 bits).

See Also:

Constant Field Values

Method Detail

generateIV

public static byte[] generateIV(java.security.SecureRandom randomGen)

Generates a random 128 bit (16 byte) Initialisation Vector(IV) for use in AES-CBC encryption.

Parameters:

randomGen - The secure random generator to use. Must be correctly initialised and not null.

Returns:

The random 128 bit IV, as 16 byte array.

encrypt

public static byte[] encrypt(javax.crypto.SecretKey secretKey,
                             byte[] iv,
                             byte[] plainText,
                             java.security.Provider provider)
                      throws JOSEException

Encrypts the specified plain text using AES/CBC/PKCS5Padding.

Parameters:

secretKey - The AES key. Must not be null.

iv - The initialisation vector (IV). Must not be null.

plainText - The plain text. Must not be null.

provider - The JCA provider, or null to use the default one.

Returns:

The cipher text.

Throws:

JOSEException - If encryption failed.

encryptAuthenticated

public static AuthenticatedCipherText encryptAuthenticated(javax.crypto.SecretKey secretKey,
                                                           byte[] iv,
                                                           byte[] plainText,
                                                           byte[] aad,
                                                           java.security.Provider ceProvider,
                                                           java.security.Provider macProvider)
                                                    throws JOSEException

Encrypts the specified plain text using AES/CBC/PKCS5Padding/ HMAC-SHA2.

See RFC 7518 (JWA), section 5.2.2.1

See draft-mcgrew-aead-aes-cbc-hmac-sha2-01

Parameters:

secretKey - The secret key. Must be 256 or 512 bits long. Must not be null.

iv - The initialisation vector (IV). Must not be null.

plainText - The plain text. Must not be null.

aad - The additional authenticated data. Must not be null.

ceProvider - The JCA provider for the content encryption, or null to use the default one.

macProvider - The JCA provider for the MAC computation, or null to use the default one.

Returns:

The authenticated cipher text.

Throws:

JOSEException - If encryption failed.

encryptWithConcatKDF

public static AuthenticatedCipherText encryptWithConcatKDF(JWEHeader header,
                                                           javax.crypto.SecretKey secretKey,
                                                           Base64URL encryptedKey,
                                                           byte[] iv,
                                                           byte[] plainText,
                                                           java.security.Provider ceProvider,
                                                           java.security.Provider macProvider)
                                                    throws JOSEException

Encrypts the specified plain text using the deprecated concat KDF from JOSE draft suite 09.

Parameters:

header - The JWE header. Must not be null.

secretKey - The secret key. Must be 256 or 512 bits long. Must not be null.

encryptedKey - The encrypted key. Must not be null.

iv - The initialisation vector (IV). Must not be null.

plainText - The plain text. Must not be null.

ceProvider - The JCA provider for the content encryption, or null to use the default one.

macProvider - The JCA provider for the MAC computation, or null to use the default one.

Returns:

The authenticated cipher text.

Throws:

JOSEException - If encryption failed.

decrypt

public static byte[] decrypt(javax.crypto.SecretKey secretKey,
                             byte[] iv,
                             byte[] cipherText,
                             java.security.Provider provider)
                      throws JOSEException

Decrypts the specified cipher text using AES/CBC/PKCS5Padding.

Parameters:

secretKey - The AES key. Must not be null.

iv - The initialisation vector (IV). Must not be null.

cipherText - The cipher text. Must not be null.

provider - The JCA provider, or null to use the default one.

Returns:

The decrypted plain text.

Throws:

JOSEException - If decryption failed.

decryptAuthenticated

public static byte[] decryptAuthenticated(javax.crypto.SecretKey secretKey,
                                          byte[] iv,
                                          byte[] cipherText,
                                          byte[] aad,
                                          byte[] authTag,
                                          java.security.Provider ceProvider,
                                          java.security.Provider macProvider)
                                   throws JOSEException

Decrypts the specified cipher text using AES/CBC/PKCS5Padding/ HMAC-SHA2.

See RFC 7518 (JWA), section 5.2.2.2

See draft-mcgrew-aead-aes-cbc-hmac-sha2-01

Parameters:

secretKey - The secret key. Must be 256 or 512 bits long. Must not be null.

iv - The initialisation vector (IV). Must not be null.

cipherText - The cipher text. Must not be null.

aad - The additional authenticated data. Must not be null.

authTag - The authentication tag. Must not be null.

ceProvider - The JCA provider for the content encryption, or null to use the default one.

macProvider - The JCA provider for the MAC computation, or null to use the default one.

Returns:

The decrypted plain text.

Throws:

JOSEException - If decryption failed.

decryptWithConcatKDF

public static byte[] decryptWithConcatKDF(JWEHeader header,
                                          javax.crypto.SecretKey secretKey,
                                          Base64URL encryptedKey,
                                          Base64URL iv,
                                          Base64URL cipherText,
                                          Base64URL authTag,
                                          java.security.Provider ceProvider,
                                          java.security.Provider macProvider)
                                   throws JOSEException

Decrypts the specified cipher text using the deprecated concat KDF from JOSE draft suite 09.

Parameters:

header - The JWE header. Must not be null.

secretKey - The secret key. Must be 256 or 512 bits long. Must not be null.

encryptedKey - The encrypted key. Must not be null.

iv - The initialisation vector (IV). Must not be null.

cipherText - The cipher text. Must not be null.

authTag - The authentication tag. Must not be null.

ceProvider - The JCA provider for the content encryption, or null to use the default one.

macProvider - The JCA provider for the MAC computation, or null to use the default one.

Returns:

The decrypted plain text.

Throws:

JOSEException - If decryption failed.