Class ECIESAEADEngine


  • public final class ECIESAEADEngine
    extends Object
    Handles the actual ECIES+AEAD encryption and decryption scenarios using the supplied keys and data. No, this does not extend ElGamalAESEngine or AEADEngine or CryptixAEADEngine.
    Since:
    0.9.44
    • Constructor Detail

      • ECIESAEADEngine

        public ECIESAEADEngine​(RouterContext ctx)
        Caller MUST call startup() to get threaded generation. Will still work without, will just generate inline. startup() is called from RatchetSKM constructor so it's deferred until we need it.
    • Method Detail

      • startup

        public void startup()
        May be called multiple times
      • shutdown

        public void shutdown()
        Cannot be restarted
      • decrypt

        public CloveSet decrypt​(byte[] data,
                                PrivateKey targetPrivateKey,
                                RatchetSKM keyManager)
                         throws DataFormatException
        Decrypt the message using the given private key and using tags from the specified key manager. This works according to the ECIES+AEAD algorithm in the data structure spec. Warning - use the correct SessionKeyManager. Clients should instantiate their own. Clients using I2PAppContext.sessionKeyManager() may be correlated with the router, unless you are careful to use different keys.
        Returns:
        decrypted data or null on failure
        Throws:
        DataFormatException
      • encrypt

        public byte[] encrypt​(CloveSet cloves,
                              PublicKey target,
                              PrivateKey priv,
                              RatchetSKM keyManager)
        Encrypt the data to the target using the given key and deliver the specified tags No new session key This is the one called from GarlicMessageBuilder and is the primary entry point. Re: padded size: The AEAD block adds at least 39 bytes of overhead to the data, and that is included in the minimum size calculation. In the router, we always use garlic messages. A garlic message with a single clove and zero data is about 84 bytes, so that's 123 bytes minimum. So any paddingSize <= 128 is a no-op as every message will be at least 128 bytes (Streaming, if used, adds more overhead). Outside the router, with a client using its own message format, the minimum size is 48, so any paddingSize <= 48 is a no-op. Not included in the minimum is a 32-byte session tag for an existing session, or a 514-byte ECIES block and several 32-byte session tags for a new session. So the returned encrypted data will be at least 32 bytes larger than paddedSize.
        Parameters:
        target - public key to which the data should be encrypted.
        priv - local private key to encrypt with, from the leaseset
        Returns:
        encrypted data or null on failure