Package com.google.crypto.tink.streamingaead.internal

Class LegacyFullStreamingAead

  • All Implemented Interfaces:
    StreamingAead
    public class LegacyFullStreamingAead
extends java.lang.Object
implements StreamingAead
    Takes an arbitrary raw StreamingAead and makes it a full primitive. ("Full" doesn't make much difference in case of Streaming AEADs, but we keep the name and the wrapper structure for consistency with the other primitives.) This is a class that helps us transition onto the new Keys and Configurations interface, by bringing potential user-defined primitives to a common denominator with our primitives over which we have control.

    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      static StreamingAead create​(LegacyProtoKey key)
      Covers the cases where users created their own streaming AEAD / key classes.
      java.nio.channels.ReadableByteChannel newDecryptingChannel​(java.nio.channels.ReadableByteChannel ciphertextSource, byte[] associatedData)  
      java.io.InputStream newDecryptingStream​(java.io.InputStream ciphertextSource, byte[] associatedData)
      Returns a wrapper around ciphertextSource, such that any read-operation via the wrapper results in AEAD-decryption of the underlying ciphertext, using associatedData as associated authenticated data.
      java.nio.channels.WritableByteChannel newEncryptingChannel​(java.nio.channels.WritableByteChannel ciphertextDestination, byte[] associatedData)
      Returns a WritableByteChannel for plaintext.
      java.io.OutputStream newEncryptingStream​(java.io.OutputStream ciphertextDestination, byte[] associatedData)
      Returns a wrapper around ciphertextDestination, such that any write-operation via the wrapper results in AEAD-encryption of the written data, using associatedData as associated authenticated data.
      java.nio.channels.SeekableByteChannel newSeekableDecryptingChannel​(java.nio.channels.SeekableByteChannel ciphertextSource, byte[] associatedData)
      Returns a SeekableByteChannel that allows to access the plaintext.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Method Detail

      • create

        public static StreamingAead create​(LegacyProtoKey key)
                            throws java.security.GeneralSecurityException
        Covers the cases where users created their own streaming AEAD / key classes.
        Throws:
        java.security.GeneralSecurityException

      • newEncryptingChannel

        public java.nio.channels.WritableByteChannel newEncryptingChannel​(java.nio.channels.WritableByteChannel ciphertextDestination,
                                                                  byte[] associatedData)
                                                           throws java.security.GeneralSecurityException,
                                                                  java.io.IOException
        Description copied from interface: StreamingAead
        Returns a WritableByteChannel for plaintext. Any data written to the returned channel will be encrypted and the resulting ciphertext written to the provided ciphertextDestination
        Specified by:
        newEncryptingChannel in interface StreamingAead
        Parameters:
        ciphertextDestination - the channel to which the ciphertext is written.
        associatedData - data associated with the plaintext. This data is authenticated but not encrypted. It must be passed into the decryption.
        Throws:
        java.security.GeneralSecurityException
        java.io.IOException

      • newSeekableDecryptingChannel

        public java.nio.channels.SeekableByteChannel newSeekableDecryptingChannel​(java.nio.channels.SeekableByteChannel ciphertextSource,
                                                                          byte[] associatedData)
                                                                   throws java.security.GeneralSecurityException,
                                                                          java.io.IOException
        Description copied from interface: StreamingAead
        Returns a SeekableByteChannel that allows to access the plaintext.

        This method does not work on Android Marshmallow (API level 23) or older because these Android versions don't have the java.nio.channels.SeekableByteChannel interface.

        Specified by:
        newSeekableDecryptingChannel in interface StreamingAead
        Parameters:
        ciphertextSource - the ciphertext
        associatedData - the data associated with the ciphertext.
        Returns:
        SeekableByteChannel that allows random read access to the plaintext. The following methods of SeekableByteChannel are implemented:
        • long position() Returns the channel's position in the plaintext.
        • SeekableByteChannel position(long newPosition) Sets the channel's position. Setting the position to a value greater than the plaintext size is legal. A later attempt to read byte will immediately return an end-of-file indication.
        • int read(ByteBuffer dst) Bytes are read starting at the channel's position, and then the position is updated with the number of bytes actually read. All bytes returned have been authenticated. If the end of the stream has been reached -1 is returned. A result of -1 is authenticated (e.g. by checking the MAC of the last ciphertext chunk.) A call to this function attempts to fill dst, but it may return fewer bytes than requested, e.g. if the underlying ciphertextSource does not provide the requested number of bytes or if the plaintext ended.

          Throws IOException if a MAC verification failed. TODO: Should we extend the interface with read(ByteBuffer dst, long position) to avoid race conditions?

        • long size() Returns the size of the plaintext. TODO: Decide whether the result should be authenticated)
        • SeekableByteChannel truncate(long size) throws NonWritableChannelException because the channel is read-only.
        • int write(ByteBuffer src) throws NonWritableChannelException because the channel is read-only.
        • close() closes the channel
        • isOpen()
        Throws:
        java.security.GeneralSecurityException - if the header of the ciphertext is corrupt or if associatedData is not correct.
        java.io.IOException - if an IOException occurred while reading from ciphertextDestination.

      • newDecryptingChannel

        public java.nio.channels.ReadableByteChannel newDecryptingChannel​(java.nio.channels.ReadableByteChannel ciphertextSource,
                                                                  byte[] associatedData)
                                                           throws java.security.GeneralSecurityException,
                                                                  java.io.IOException
        Specified by:
        newDecryptingChannel in interface StreamingAead
        Throws:
        java.security.GeneralSecurityException
        java.io.IOException

      • newEncryptingStream

        public java.io.OutputStream newEncryptingStream​(java.io.OutputStream ciphertextDestination,
                                                byte[] associatedData)
                                         throws java.security.GeneralSecurityException,
                                                java.io.IOException
        Description copied from interface: StreamingAead
        Returns a wrapper around ciphertextDestination, such that any write-operation via the wrapper results in AEAD-encryption of the written data, using associatedData as associated authenticated data. The associated data is not included in the ciphertext and has to be passed in as parameter for decryption.
        Specified by:
        newEncryptingStream in interface StreamingAead
        Throws:
        java.security.GeneralSecurityException
        java.io.IOException

      • newDecryptingStream

        public java.io.InputStream newDecryptingStream​(java.io.InputStream ciphertextSource,
                                               byte[] associatedData)
                                        throws java.security.GeneralSecurityException,
                                               java.io.IOException
        Description copied from interface: StreamingAead
        Returns a wrapper around ciphertextSource, such that any read-operation via the wrapper results in AEAD-decryption of the underlying ciphertext, using associatedData as associated authenticated data.

        The returned InputStream may support mark()/reset(), but does not have to do it -- markSupported() provides the corresponding info.

        The returned InputStream supports skip(), yet possibly in an inefficient way, i.e. by reading a sequence of blocks until the desired position. If a more efficient skip()-functionality is needed, the Channel-based API can be used.

        Specified by:
        newDecryptingStream in interface StreamingAead
        Throws:
        java.security.GeneralSecurityException
        java.io.IOException