public class AesKeyWrapParameterSpec
extends java.lang.Object
implements java.security.spec.AlgorithmParameterSpec
AesKeyWrap or
AesKeyWrapPad
algorithm implementation.
It contain an initial value that is used to obtain an integrity check on the
key data. The exact properties achieved by this integrity check depend on
the definition of the initial value. Different applications may call for
somewhat different properties; for example, whether there is need to
determine the integrity of key data throughout its lifecycle or just when it
is unwrapped. The
AES Key
Wrap Specification defines the default initial value as a hexadecimal
constant: A6A6A6A6A6A6A6A6.
The Alternative Initial Value (AIV) is a 32-bit constant concatenated to a 32-bit MLI (Message Length Indicator). The constant is (in hexadecimal) A65959A6 and occupies the high-order half of the AIV. Note that this differs from the high order 32 bits of the default IV in Section 2.2.3.1 of [AES-KW1], so there is no ambiguity between the two. The 32-bit MLI, which occupies the low-order half of the AIV, is an unsigned binary integer equal to the octet length of the plaintext key data, in network order -- that is, with the most significant octet first.
The default initial value supports integrity of the key data during the
period it is wrapped. When using the default initial value, if unwrapping
produces an initial value of A6A6A6A6A6A6A6A6, then the chance
that the key data is corrupt is 2-64. If unwrapping does not
produce an initial value of A6A6A6A6A6A6A6A6, then an integrity
problem has been encountered and the key data is considered corrupt. When
attempting to use the AES key wrap algorithm with the default initial value,
manually specifying it using this class is not necessary; it is
automatically used by default.
Similarily, for AESKeyWrapPad, the Alternate Initial Value must unwrap to A65959A6 for the higher order, and the lower order 32-bytes represents the number of Octets that will be wrapped. For example, A65959A600000014 (hex) would indicate AESKeyWrapPadding is to be used for a plaintext key of length 20.
When the key wrap is used as part of a larger key management protocol or system, the desired scope for data integrity may be more than just the key data or the desired duration for more than just the period that it is wrapped. Also, if the key data is not just an AES key, it may not always be a multiple of 64 bits. Alternative definitions of the initial value can be used to address such problems. AESKeyWrapPad can be use for these situations. NIST will define alternative initial values in future key management publications as needed. In order to accommodate a set of alternatives that may evolve over time, Entrust's AES key wrap algorithm implementation allows the initial value to be specified (replacing the default initial value).
AesKeyWrap| Modifier and Type | Field and Description |
|---|---|
protected byte[] |
m_initialValue
The initial value.
|
| Constructor and Description |
|---|
AesKeyWrapParameterSpec()
The default constructor.
|
AesKeyWrapParameterSpec(byte[] initialValue)
Creates a new
InitialValueParameterSpec object with the
specified initial value. |
AesKeyWrapParameterSpec(byte[] initialValue,
int offset,
int length)
Creates a new
InitialValueParameterSpec object with the
specified initial value. |
| Modifier and Type | Method and Description |
|---|---|
byte[] |
getInitialValue()
Returns a copy of the initial value.
|
void |
setInitialValue(byte[] initialValue)
Sets the initial value by copying the data from the specified byte array.
|
void |
setInitialValue(byte[] initialValue,
int offset,
int length)
Sets the initial value by copying specified amount of data from the byte
array beginning at the specified offset.
|
public AesKeyWrapParameterSpec()
It creates a new InitialValueParameterSpec object with a
default initial value: A6A6A6A6A6A6A6A6, as defined in the
AES
Key Wrap Specification.
public AesKeyWrapParameterSpec(byte[] initialValue)
InitialValueParameterSpec object with the
specified initial value.
The supplied byte array is copied, and used as the initial value.
initialValue - a byte array containing the initial valuejava.lang.IllegalArgumentException - thrown if the byte array is null or not 64 bits in lengthpublic AesKeyWrapParameterSpec(byte[] initialValue,
int offset,
int length)
InitialValueParameterSpec object with the
specified initial value.
The initial value is copied from the supplied byte array starting at the indicated offset.
initialValue - a byte array containing the initial valueoffset - the offset in the byte array where the initial value beginslength - the length of initial valuejava.lang.IllegalArgumentException - thrown if the byte array is null or the length of the initial value
is not 64 bitsjava.lang.ArrayIndexOutOfBoundsException - thrown if an initial value of the specified size could not be
extracted from the byte arrayjava.lang.NegativeArraySizeException - thrown if length is negativepublic byte[] getInitialValue()
public void setInitialValue(byte[] initialValue)
initialValue - a byte array containing the initial valuejava.lang.IllegalArgumentException - thrown if the byte array is null or not 64 bits in lengthpublic void setInitialValue(byte[] initialValue,
int offset,
int length)
initialValue - a byte array containing the initial valueoffset - the offset in the byte array where the initial value beginslength - the length of initial valuejava.lang.IllegalArgumentException - thrown if the byte array is null or the length of the initial value
is not 64 bitsjava.lang.ArrayIndexOutOfBoundsException - thrown if an initial value of the specified size could not be
extracted from the byte arrayjava.lang.NegativeArraySizeException - thrown if length is negative