This document specifies the Javascript interface to [[!KCipher2]], which is a fast and lightweight stream cipher algorithm developed by KDDI R&D Laboratories Inc.

This document is in a draft stage and is waiting for implementations of KCipher-2 from UserAgent vendors.

Description

The "KCipher2" algorithm identifier is used to perform encryption and decryption using KCipher-2, as described in [[KCipher2]].

Registration

The recognized algorithm name for this algorithm is "KCipher2".

Operation Parameters Result
encrypt K2KeyCipherParameters ArrayBuffer
decrypt K2KeyCipherParameters ArrayBuffer
generateKey K2KeyGenParameters CryptoKey
importKey None CryptoKey
exportKey None object
get key length K2DerivedKeyParameters Integer

Parameters

K2CipherParameters dictionary

K2KeyCipherParameters dictionary

			dictionary K2KeyCipherParameters : Algorithm {
			// The initialization vector. MUST be 16 bytes.
			required BufferSource iv;
			};
			

K2KeyGenParameters dictionary

			dictionary K2KeyGenParameters : Algorithm {
			// The length, in bits, of the key.
			[EnforceRange] required unsigned short length;
			};
			

K2DerivedKeyParameters

			dictionary K2DerivedKeyParameters : Algorithm {
			// The length, in bits, of the key.
			[EnforceRange] required unsigned short length;
			};
			

Operations

Encrypt

  1. If the iv member of normalizedAlgorithm does not have length 16 bytes, then throw an OperationError.
  2. Let ciphertext be the result of performing the Encryption operation described in [[KCipher2]] using KCipher-2 as the stream cipher, the contents of the iv member of normalizedAlgorithm as the IV input parameter and plaintext as the input plaintext.
  3. Return ciphertext.

Decrypt

  1. If the iv member of normalizedAlgorithm does not have length 16 bytes, then throw an OperationError.
  2. Let plaintext be the result of performing the Decryption operation described in [[KCipher2]] using KCipher-2 as the stream cipher, the contents of the iv member of normalizedAlgorithm as the IV input parameter and ciphertext as the input ciphertext.
  3. Return plaintext.

Generate Key

  1. If usages contains any entry which is not one of "encrypt", "decrypt", "wrapKey" or "unwrapKey", then throw a SyntaxError.
  2. If the length member of normalizedAlgorithm is not equal to one of 128, 192 or 256, then throw an OperationError.
  3. Generate a KCipher-2 key of length equal to the length member of normalizedAlgorithm.
  4. If the key generation step fails, then throw an OperationError.
  5. Let key be a new CryptoKey object representing the generated KCipher-2 key.
  6. Let algorithm be a new K2KeyAlgorithm.
  7. Set the name attribute of algorithm to "KCipher2".
  8. Set the length attribute of algorithm to equal the length member of normalizedAlgorithm.
  9. Set the [algorithm] internal slot of key to algorithm.
  10. Set the [extractable] internal slot of key to be extractable.
  11. Set the [usages] internal slot of key to be usages.
  12. Return key.

Import Key

  1. If usages contains an entry which is not one of "encrypt", "decrypt", "wrapKey" or "unwrapKey", then throw a SyntaxError.

  2. If format is "raw":
    1. Let data be the octet string contained in keyData.

    2. If the length in bits of data is not 128, 192 or 256, then throw an OperationError.

    If format is "jwk":
    1. Let jwk be the JsonWebKey dictionary represented by keyData.

    2. If the "kty" field of jwk is not "oct", then throw a DataError.

    3. If jwk does not meet the requirements of Section 6.4 of JSON Web Algorithms, then throw n DataError.

    4. Let data be the octet string obtained by decoding the "k" field of jwk.

    5. If data has length 128 bits:
      If the "alg" field of jwk is present, and is not "KC128", then throw a DataError.
      If data has length 192 bits:
      If the "alg" field of jwk is present, and is not "KC192", then throw a DataError.
      If data has length 256 bits:
      If the "alg" field of jwk is present, and is not "KC256", then throw a DataError.
      Otherwise:
      throw anDataError
    6. If the "use" field of jwk is present, and is not "enc", then throw a DataError.

    7. If the "key_ops" field of jwk is present, and is invalid according to the requirements of JSON Web Key or does not contain all of the specified usages values, then throw a DataError.

    8. If the "ext" field of jwk is present and has the value false and extractable is true, then throw a DataError.

    Otherwise:
    throw a NotSupportedError.
  3. Let key be a new CryptoKey object representing a KCipher-2 key with value data.

  4. Let algorithm be a new K2KeyAlgorithm.

  5. Set the name attribute of algorithm to "KCipher2".

  6. Set the length attribute of algorithm to the length, in bits, of data.

  7. Set the [algorithm] internal slot of key to algorithm.

  8. Return key.

Export Key

  1. If the underlying cryptographic key material represented by the [handle] internal slot of key cannot be accessed, then throw an OperationError.

  2. If format is "raw":
    1. Let data be the raw octets of the key represented by [handle] internal slot of key.

    2. Let result be a new ArrayBuffer containing data.

    If format is "jwk":
    1. Let jwk be a new JsonWebKey dictionary.

    2. Set the kty attribute of jwk to the string "oct".

    3. Set the k attribute of jwk to be a string containing the raw octets of the key represented by [handle] internal slot of key, encoded according to Section 6.4 of JSON Web Algorithms.

    4. If the length attribute of key is 128:
      Set the alg attribute of jwk to the string "KC128".
      If the length attribute of key is 192:
      Set the alg attribute of jwk to the string "KC192".
      If the length attribute of key is 256:
      Set the alg attribute of jwk to the string "KC256".
    5. Set the key_ops attribute of jwk to equal the [usages] internal slot of key.

    6. Set the ext attribute of jwk to equal the [extractable] internal slot of key.

    7. Let result be the result of converting jwk to an ECMAScript Object, as defined by [WebIDL].

    Otherwise:

    throw a NotSupportedError.

  3. Return result.

Get Key Length

  1. If the length member of normalizedDerivedKeyAlgorithm is not equal to one of 128, 192 or 256, then throw an OperationError.
  2. Return the length member of the normalizedDerivedKeyAlgorithm.