Package com.google.crypto.tink.subtle

Class AesEaxJce

  • All Implemented Interfaces:
    Aead
    public final class AesEaxJce
extends java.lang.Object
implements Aead
    This class implements the EAX mode using AES.

    EAX is an encryption mode proposed by Bellare, Rogaway and Wagner (http://web.cs.ucdavis.edu/~rogaway/papers/eax.pdf). The encryption mode is an alternative to CCM and has been proposed as a NIST standard: http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/eax/eax-spec.pdf

    The parameter choices have been restricted to a small set of options:

    • The tag size is always 16 bytes
    • Nonces are chosen by the implementation at random. Their size is 12 or 16 bytes.

    • Constructor Summary

      Constructors 
      Constructor Description
      AesEaxJce​(byte[] key, int ivSizeInBytes)  

    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      static Aead create​(AesEaxKey key)  
      byte[] decrypt​(byte[] ciphertext, byte[] associatedData)
      Decrypts ciphertext with associatedData as associated authenticated data.
      byte[] encrypt​(byte[] plaintext, byte[] associatedData)
      Encrypts plaintext with associatedData as associated authenticated data.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • AesEaxJce

        public AesEaxJce​(byte[] key,
                 int ivSizeInBytes)
          throws java.security.GeneralSecurityException
        Throws:
        java.security.GeneralSecurityException

    • Method Detail

      • create

        public static Aead create​(AesEaxKey key)
                   throws java.security.GeneralSecurityException
        Throws:
        java.security.GeneralSecurityException

      • encrypt

        public byte[] encrypt​(byte[] plaintext,
                      byte[] associatedData)
               throws java.security.GeneralSecurityException
        Description copied from interface: Aead
        Encrypts plaintext with associatedData as associated authenticated data. The resulting ciphertext allows for checking authenticity and integrity of associated data (associatedData), but does not guarantee its secrecy.
        Specified by:
        encrypt in interface Aead
        Parameters:
        plaintext - the plaintext to be encrypted. It must be non-null, but can also be an empty (zero-length) byte array
        associatedData - associated data to be authenticated, but not encrypted. Associated data is optional, so this parameter can be null. In this case the null value is equivalent to an empty (zero-length) byte array. For successful decryption the same associatedData must be provided along with the ciphertext.
        Returns:
        resulting ciphertext
        Throws:
        java.security.GeneralSecurityException

      • decrypt

        public byte[] decrypt​(byte[] ciphertext,
                      byte[] associatedData)
               throws java.security.GeneralSecurityException
        Description copied from interface: Aead
        Decrypts ciphertext with associatedData as associated authenticated data. The decryption verifies the authenticity and integrity of the associated data, but there are no guarantees wrt. secrecy of that data.
        Specified by:
        decrypt in interface Aead
        Parameters:
        ciphertext - the plaintext to be decrypted. It must be non-null.
        associatedData - associated data to be authenticated. For successful decryption it must be the same as associatedData used during encryption. Can be null, which is equivalent to an empty (zero-length) byte array.
        Returns:
        resulting plaintext
        Throws:
        java.security.GeneralSecurityException - if decryption fails. Decryption must fail if ciphertext is not correctly authenticated for the given associatedData.