Package com.google.crypto.tink.aead.internal

Class InsecureNonceXChaCha20Poly1305

  • public final class InsecureNonceXChaCha20Poly1305
extends java.lang.Object
    XChaCha20Poly1305 AEAD construction, as described in https://tools.ietf.org/html/draft-arciszewski-xchacha-01.

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      byte[] decrypt​(byte[] nonce, byte[] ciphertext, byte[] associatedData)
      Decrypts ciphertext with the following format: actual_ciphertext || tag.
      byte[] decrypt​(java.nio.ByteBuffer ciphertext, byte[] nonce, byte[] associatedData)
      Decrypts ciphertext with the following format: actual_ciphertext || tag.
      byte[] encrypt​(byte[] nonce, byte[] plaintext, byte[] associatedData)
      Encrypts plaintext with Poly1305 authentication based on associatedData.
      void encrypt​(java.nio.ByteBuffer output, byte[] nonce, byte[] plaintext, byte[] associatedData)
      Encrypts plaintext with Poly1305 authentication based on associatedData.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • InsecureNonceXChaCha20Poly1305

        public InsecureNonceXChaCha20Poly1305​(byte[] key)
                               throws java.security.GeneralSecurityException
        Throws:
        java.security.GeneralSecurityException

    • Method Detail

      • encrypt

        public byte[] encrypt​(byte[] nonce,
                      byte[] plaintext,
                      byte[] associatedData)
               throws java.security.GeneralSecurityException
        Encrypts plaintext with Poly1305 authentication based on associatedData.

        Please note that nonce should be randomly generated by the caller hence keys need to be rotated after encrypting a certain number of messages depending on the nonce size of the underlying InsecureNonceChaCha20Base.

        Parameters:
        nonce - specified by caller
        plaintext - data to encrypt
        associatedData - associated authenticated data
        Returns:
        ciphertext with the following format actual_ciphertext || tag
        Throws:
        java.security.GeneralSecurityException

      • encrypt

        public void encrypt​(java.nio.ByteBuffer output,
                    byte[] nonce,
                    byte[] plaintext,
                    byte[] associatedData)
             throws java.security.GeneralSecurityException
        Encrypts plaintext with Poly1305 authentication based on associatedData.

        Please note that nonce should be randomly generated by the caller hence keys need to be rotated after encrypting a certain number of messages depending on the nonce size of the underlying InsecureNonceChaCha20Base.

        Parameters:
        output - ciphertext buffer with the following format actual_ciphertext || tag
        nonce - specified by caller
        plaintext - data to encrypt
        associatedData - associated authenticated data
        Throws:
        java.security.GeneralSecurityException

      • decrypt

        public byte[] decrypt​(byte[] nonce,
                      byte[] ciphertext,
                      byte[] associatedData)
               throws java.security.GeneralSecurityException
        Decrypts ciphertext with the following format: actual_ciphertext || tag.
        Parameters:
        nonce - specified by caller
        ciphertext - with format actual_ciphertext || tag
        associatedData - associated authenticated data
        Returns:
        plaintext if authentication is successful.
        Throws:
        java.security.GeneralSecurityException - when ciphertext is shorter than tag size or when computed tag based on ciphertext and associatedData does not match the tag given in ciphertext.

      • decrypt

        public byte[] decrypt​(java.nio.ByteBuffer ciphertext,
                      byte[] nonce,
                      byte[] associatedData)
               throws java.security.GeneralSecurityException
        Decrypts ciphertext with the following format: actual_ciphertext || tag.
        Parameters:
        ciphertext - with format actual_ciphertext || tag
        nonce - specified by caller
        associatedData - associated authenticated data
        Returns:
        plaintext if authentication is successful
        Throws:
        java.security.GeneralSecurityException - when ciphertext is shorter than tag size
        javax.crypto.AEADBadTagException - when the tag is invalid