Package com.nimbusds.jose.crypto.impl

Class AESCBC

  • @ThreadSafe
public class AESCBC
extends Object
    AES/CBC/PKCS5Padding and AES/CBC/PKCS5Padding/HMAC-SHA2 encryption and decryption methods. This class is thread-safe.

    Also supports the deprecated AES/CBC/HMAC encryption using a custom concat KDF (JOSE draft suite 08).

    See RFC 7518 (JWA), section 5.2.

    Version:
    2022-01-24
    Author:
    Vladimir Dzhuvinov, Axel Nennker

    • Method Detail

      • generateIV

        public static byte[] generateIV​(SecureRandom randomGen)
        Generates a random 128 bit (16 byte) Initialisation Vector(IV) for use in AES-CBC encryption.
        Parameters:
        randomGen - The secure random generator to use. Must be correctly initialised and not null.
        Returns:
        The random 128 bit IV, as 16 byte array.

      • encrypt

        public static byte[] encrypt​(SecretKey secretKey,
                             byte[] iv,
                             byte[] plainText,
                             Provider provider)
                      throws JOSEException
        Encrypts the specified plain text using AES/CBC/PKCS5Padding.
        Parameters:
        secretKey - The AES key. Must not be null.
        iv - The initialisation vector (IV). Must not be null.
        plainText - The plain text. Must not be null.
        provider - The JCA provider, or null to use the default one.
        Returns:
        The cipher text.
        Throws:
        JOSEException - If encryption failed.

      • encryptAuthenticated

        public static AuthenticatedCipherText encryptAuthenticated​(SecretKey secretKey,
                                                           byte[] iv,
                                                           byte[] plainText,
                                                           byte[] aad,
                                                           Provider ceProvider,
                                                           Provider macProvider)
                                                    throws JOSEException
        Encrypts the specified plain text using AES/CBC/PKCS5Padding/ HMAC-SHA2.

        See RFC 7518 (JWA), section 5.2.2.1

        See draft-mcgrew-aead-aes-cbc-hmac-sha2-01

        Parameters:
        secretKey - The secret key. Must be 256 or 512 bits long. Must not be null.
        iv - The initialisation vector (IV). Must not be null.
        plainText - The plain text. Must not be null.
        aad - The additional authenticated data. Must not be null.
        ceProvider - The JCA provider for the content encryption, or null to use the default one.
        macProvider - The JCA provider for the MAC computation, or null to use the default one.
        Returns:
        The authenticated cipher text.
        Throws:
        JOSEException - If encryption failed.

      • encryptWithConcatKDF

        public static AuthenticatedCipherText encryptWithConcatKDF​(JWEHeader header,
                                                           SecretKey secretKey,
                                                           Base64URL encryptedKey,
                                                           byte[] iv,
                                                           byte[] plainText,
                                                           Provider ceProvider,
                                                           Provider macProvider)
                                                    throws JOSEException
        Encrypts the specified plain text using the deprecated concat KDF from JOSE draft suite 09.
        Parameters:
        header - The JWE header. Must not be null.
        secretKey - The secret key. Must be 256 or 512 bits long. Must not be null.
        encryptedKey - The encrypted key. Must not be null.
        iv - The initialisation vector (IV). Must not be null.
        plainText - The plain text. Must not be null.
        ceProvider - The JCA provider for the content encryption, or null to use the default one.
        macProvider - The JCA provider for the MAC computation, or null to use the default one.
        Returns:
        The authenticated cipher text.
        Throws:
        JOSEException - If encryption failed.

      • decrypt

        public static byte[] decrypt​(SecretKey secretKey,
                             byte[] iv,
                             byte[] cipherText,
                             Provider provider)
                      throws JOSEException
        Decrypts the specified cipher text using AES/CBC/PKCS5Padding.
        Parameters:
        secretKey - The AES key. Must not be null.
        iv - The initialisation vector (IV). Must not be null.
        cipherText - The cipher text. Must not be null.
        provider - The JCA provider, or null to use the default one.
        Returns:
        The decrypted plain text.
        Throws:
        JOSEException - If decryption failed.

      • decryptAuthenticated

        public static byte[] decryptAuthenticated​(SecretKey secretKey,
                                          byte[] iv,
                                          byte[] cipherText,
                                          byte[] aad,
                                          byte[] authTag,
                                          Provider ceProvider,
                                          Provider macProvider)
                                   throws JOSEException
        Decrypts the specified cipher text using AES/CBC/PKCS5Padding/ HMAC-SHA2.

        See RFC 7518 (JWA), section 5.2.2.2

        See draft-mcgrew-aead-aes-cbc-hmac-sha2-01

        Parameters:
        secretKey - The secret key. Must be 256 or 512 bits long. Must not be null.
        iv - The initialisation vector (IV). Must not be null.
        cipherText - The cipher text. Must not be null.
        aad - The additional authenticated data. Must not be null.
        authTag - The authentication tag. Must not be null.
        ceProvider - The JCA provider for the content encryption, or null to use the default one.
        macProvider - The JCA provider for the MAC computation, or null to use the default one.
        Returns:
        The decrypted plain text.
        Throws:
        JOSEException - If decryption failed.

      • decryptWithConcatKDF

        public static byte[] decryptWithConcatKDF​(JWEHeader header,
                                          SecretKey secretKey,
                                          Base64URL encryptedKey,
                                          Base64URL iv,
                                          Base64URL cipherText,
                                          Base64URL authTag,
                                          Provider ceProvider,
                                          Provider macProvider)
                                   throws JOSEException
        Decrypts the specified cipher text using the deprecated concat KDF from JOSE draft suite 09.
        Parameters:
        header - The JWE header. Must not be null.
        secretKey - The secret key. Must be 256 or 512 bits long. Must not be null.
        encryptedKey - The encrypted key. Must not be null.
        iv - The initialisation vector (IV). Must not be null.
        cipherText - The cipher text. Must not be null.
        authTag - The authentication tag. Must not be null.
        ceProvider - The JCA provider for the content encryption, or null to use the default one.
        macProvider - The JCA provider for the MAC computation, or null to use the default one.
        Returns:
        The decrypted plain text.
        Throws:
        JOSEException - If decryption failed.