Class CounterNonce

java.lang.Object
org.cryptacular.generator.sp80038d.CounterNonce
All Implemented Interfaces:
Nonce

public class CounterNonce extends Object implements Nonce
Deterministic nonce generation strategy that uses a counter for the invocation field as described in NIST SP-800-38D, section 8.2.1. The invocation part of the sequence is always 64 bits (8 bytes) due to the use of a long, thus the length of the nonce is determined by the length of the fixed part: length = 8 + fixed.length.

NOTE: users of this class are responsible for maintaining the invocation count in order to support enforcement of constraints described in section 8.3; namely the following:

The total number of invocations of the authenticated encryption function shall not exceed 232, including all IV lengths and all instances of the authenticated encryption function with the given key.

Instances of this class enforce this constraint by considering the nonce length, which determines whether the constraint applies, and the invocation count. The invocation count is incremented upon every invocation of generate() method. The current invocation count is accessible via getInvocations().

Instances of this class are thread safe.

Author:
Middleware Services
  • Field Details

    • DEFAULT_LENGTH

      public static final int DEFAULT_LENGTH
      Default nonce getLength is 12 bytes.
      See Also:
    • MAX_INVOCATIONS

      public static final long MAX_INVOCATIONS
      Maximum invocations is 232. Does not apply to nonces with default getLength, 12.
      See Also:
  • Constructor Details

    • CounterNonce

      public CounterNonce(String fixed, long invocations)
      Creates a new instance.
      Parameters:
      fixed - User-defined fixed field value.
      invocations - Initial invocation count. The invocations field is incremented _before_ use in generate().
    • CounterNonce

      public CounterNonce(int fixed, long invocations)
      Creates a new instance. Instances of this method produces nonces of the default length, 12, and are not subject to constraints on the number of invocations.
      Parameters:
      fixed - User-defined fixed field value.
      invocations - Initial invocation count. The invocations field is incremented _before_ use in generate().
    • CounterNonce

      public CounterNonce(long fixed, long invocations)
      Creates a new instance.
      Parameters:
      fixed - User-defined fixed field value.
      invocations - Initial invocation count. The invocations field is incremented _before_ use in generate().
    • CounterNonce

      public CounterNonce(byte[] fixed, long invocations)
      Creates a new instance.
      Parameters:
      fixed - User-defined fixed field value.
      invocations - Initial invocation count. The invocations field is incremented _before_ use in generate().
  • Method Details

    • generate

      public byte[] generate() throws LimitException
      Description copied from interface: Nonce
      Generates a nonce value.
      Specified by:
      generate in interface Nonce
      Returns:
      Nonce bytes.
      Throws:
      LimitException - When a limit imposed by the nonce generation strategy, if any, is exceeded.
    • getLength

      public int getLength()
      Specified by:
      getLength in interface Nonce
      Returns:
      Length in bytes of generated nonce values.
    • getInvocations

      public long getInvocations()
      Returns:
      Current invocation count.