Module java.base

Class GCMParameterSpec

  • All Implemented Interfaces:
    AlgorithmParameterSpec


    public class GCMParameterSpec
    extends Object
    implements AlgorithmParameterSpec
    Specifies the set of parameters required by a Cipher using the Galois/Counter Mode (GCM) mode.

    Simple block cipher modes (such as CBC) generally require only an initialization vector (such as IvParameterSpec), but GCM needs these parameters:

    • IV: Initialization Vector (IV)
    • tLen: length (in bits) of authentication tag T

    In addition to the parameters described here, other GCM inputs/output (Additional Authenticated Data (AAD), Keys, block ciphers, plain/ciphertext and authentication tags) are handled in the Cipher class.

    Please see RFC 5116 for more information on the Authenticated Encryption with Associated Data (AEAD) algorithm, and NIST Special Publication 800-38D, "NIST Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC."

    The GCM specification states that tLen may only have the values {128, 120, 112, 104, 96}, or {64, 32} for certain applications. Other values can be specified for this class, but not all CSP implementations will support them.

    Since:
    1.7
    See Also:
    Cipher
    • Constructor Detail

      • GCMParameterSpec

        public GCMParameterSpec​(int tLen,
                                byte[] src)
        Constructs a GCMParameterSpec using the specified authentication tag bit-length and IV buffer.
        Parameters:
        tLen - the authentication tag length (in bits)
        src - the IV source buffer. The contents of the buffer are copied to protect against subsequent modification.
        Throws:
        IllegalArgumentException - if tLen is negative, or src is null.
      • GCMParameterSpec

        public GCMParameterSpec​(int tLen,
                                byte[] src,
                                int offset,
                                int len)
        Constructs a GCMParameterSpec object using the specified authentication tag bit-length and a subset of the specified buffer as the IV.
        Parameters:
        tLen - the authentication tag length (in bits)
        src - the IV source buffer. The contents of the buffer are copied to protect against subsequent modification.
        offset - the offset in src where the IV starts
        len - the number of IV bytes
        Throws:
        IllegalArgumentException - if tLen is negative, src is null, len or offset is negative, or the sum of offset and len is greater than the length of the src byte array.
    • Method Detail

      • getTLen

        public int getTLen​()
        Returns the authentication tag length.
        Returns:
        the authentication tag length (in bits)
      • getIV

        public byte[] getIV​()
        Returns the Initialization Vector (IV).
        Returns:
        the IV. Creates a new array each time this method is called.