Package com.nimbusds.jose.crypto.impl

Class AESCBC

java.lang.Object
com.nimbusds.jose.crypto.impl.AESCBC
@ThreadSafe public class AESCBC extends Object
AES/CBC/PKCS5Padding and AES/CBC/PKCS5Padding/HMAC-SHA2 encryption and decryption methods. This class is thread-safe.

Also supports the deprecated AES/CBC/HMAC encryption using a custom concat KDF (JOSE draft suite 08).

See RFC 7518 (JWA), section 5.2.

Version:
2022-01-24
Author:
Vladimir Dzhuvinov, Axel Nennker

  • Field Details

  • Method Details

    • generateIV

      public static byte[] generateIV(SecureRandom randomGen)
      Generates a random 128 bit (16 byte) Initialisation Vector(IV) for use in AES-CBC encryption.
      Parameters:
      randomGen - The secure random generator to use. Must be correctly initialised and not null.
      Returns:
      The random 128 bit IV, as 16 byte array.

    • encrypt

      public static byte[] encrypt(SecretKey secretKey, byte[] iv, byte[] plainText, Provider provider) throws JOSEException
      Encrypts the specified plain text using AES/CBC/PKCS5Padding.
      Parameters:
      secretKey - The AES key. Must not be null.
      iv - The initialisation vector (IV). Must not be null.
      plainText - The plain text. Must not be null.
      provider - The JCA provider, null to use the default.
      Returns:
      The cipher text.
      Throws:
      JOSEException - If encryption failed.

    • encryptAuthenticated

      public static AuthenticatedCipherText encryptAuthenticated(SecretKey secretKey, byte[] iv, byte[] plainText, byte[] aad, Provider ceProvider, Provider macProvider) throws JOSEException
      Encrypts the specified plain text using AES/CBC/PKCS5Padding/ HMAC-SHA2.

      See RFC 7518 (JWA), section 5.2.2.1

      See draft-mcgrew-aead-aes-cbc-hmac-sha2-01

      Parameters:
      secretKey - The secret key. Must be 256 or 512 bits long. Must not be null.
      iv - The initialisation vector (IV). Must not be null.
      plainText - The plain text. Must not be null.
      aad - The additional authenticated data. Must not be null.
      ceProvider - The JCA provider for the content encryption, or null to use the default one.
      macProvider - The JCA provider for the MAC computation, or null to use the default one.
      Returns:
      The authenticated cipher text.
      Throws:
      JOSEException - If encryption failed.

    • encryptWithConcatKDF

      public static AuthenticatedCipherText encryptWithConcatKDF(JWEHeader header, SecretKey secretKey, Base64URL encryptedKey, byte[] iv, byte[] plainText, Provider ceProvider, Provider macProvider) throws JOSEException
      Encrypts the specified plain text using the deprecated concat KDF from JOSE draft suite 09.
      Parameters:
      header - The JWE header. Must not be null.
      secretKey - The secret key. Must be 256 or 512 bits long. Must not be null.
      encryptedKey - The encrypted key. Must not be null.
      iv - The initialisation vector (IV). Must not be null.
      plainText - The plain text. Must not be null.
      ceProvider - The JCA provider for the content encryption, or null to use the default one.
      macProvider - The JCA provider for the MAC computation, or null to use the default one.
      Returns:
      The authenticated cipher text.
      Throws:
      JOSEException - If encryption failed.

    • decrypt

      public static byte[] decrypt(SecretKey secretKey, byte[] iv, byte[] cipherText, Provider provider) throws JOSEException
      Decrypts the specified cipher text using AES/CBC/PKCS5Padding.
      Parameters:
      secretKey - The AES key. Must not be null.
      iv - The initialisation vector (IV). Must not be null.
      cipherText - The cipher text. Must not be null.
      provider - The JCA provider, null to use the default.
      Returns:
      The decrypted plain text.
      Throws:
      JOSEException - If decryption failed.

    • decryptAuthenticated

      public static byte[] decryptAuthenticated(SecretKey secretKey, byte[] iv, byte[] cipherText, byte[] aad, byte[] authTag, Provider ceProvider, Provider macProvider) throws JOSEException
      Decrypts the specified cipher text using AES/CBC/PKCS5Padding/ HMAC-SHA2.

      See RFC 7518 (JWA), section 5.2.2.2

      See draft-mcgrew-aead-aes-cbc-hmac-sha2-01

      Parameters:
      secretKey - The secret key. Must be 256 or 512 bits long. Must not be null.
      iv - The initialisation vector (IV). Must not be null.
      cipherText - The cipher text. Must not be null.
      aad - The additional authenticated data. Must not be null.
      authTag - The authentication tag. Must not be null.
      ceProvider - The JCA provider for the content encryption, or null to use the default one.
      macProvider - The JCA provider for the MAC computation, or null to use the default one.
      Returns:
      The decrypted plain text.
      Throws:
      JOSEException - If decryption failed.

    • decryptWithConcatKDF

      public static byte[] decryptWithConcatKDF(JWEHeader header, SecretKey secretKey, Base64URL encryptedKey, Base64URL iv, Base64URL cipherText, Base64URL authTag, Provider ceProvider, Provider macProvider) throws JOSEException
      Decrypts the specified cipher text using the deprecated concat KDF from JOSE draft suite 09.
      Parameters:
      header - The JWE header. Must not be null.
      secretKey - The secret key. Must be 256 or 512 bits long. Must not be null.
      encryptedKey - The encrypted key. Must not be null.
      iv - The initialisation vector (IV). Must not be null.
      cipherText - The cipher text. Must not be null.
      authTag - The authentication tag. Must not be null.
      ceProvider - The JCA provider for the content encryption, or null to use the default one.
      macProvider - The JCA provider for the MAC computation, or null to use the default one.
      Returns:
      The decrypted plain text.
      Throws:
      JOSEException - If decryption failed.