Interface CipherState

  • All Superinterfaces:
    Cloneable, Destroyable
    All Known Implementing Classes:
    ChaChaPolyCipherState

    public interface CipherState
    extends Destroyable, Cloneable
    Interface to an authenticated cipher for use in the Noise protocol. CipherState objects are used to encrypt or decrypt data during a session. Once the handshake has completed, HandshakeState.split() will create two CipherState objects for encrypting packets sent to the other party, and decrypting packets received from the other party.
    • Method Summary

      All Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      CipherState clone()
      I2P
      int decryptWithAd​(byte[] ad, byte[] ciphertext, int ciphertextOffset, byte[] plaintext, int plaintextOffset, int length)
      Decrypts a ciphertext buffer using the cipher and a block of associated data.
      int encryptWithAd​(byte[] ad, byte[] plaintext, int plaintextOffset, byte[] ciphertext, int ciphertextOffset, int length)
      Encrypts a plaintext buffer using the cipher and a block of associated data.
      CipherState fork​(byte[] key, int offset)
      Creates a new instance of this cipher and initializes it with a key.
      String getCipherName()
      Gets the Noise protocol name for this cipher.
      int getKeyLength()
      Gets the length of the key values for this cipher.
      int getMACLength()
      Gets the length of the MAC values for this cipher.
      boolean hasKey()
      Determine if this cipher object has been configured with a key.
      void initializeKey​(byte[] key, int offset)
      Initializes the key on this cipher object.
      void setNonce​(long nonce)
      Sets the nonce value.
    • Method Detail

      • getCipherName

        String getCipherName()
        Gets the Noise protocol name for this cipher.
        Returns:
        The cipher name.
      • getKeyLength

        int getKeyLength()
        Gets the length of the key values for this cipher.
        Returns:
        The length of the key in bytes; usually 32.
      • getMACLength

        int getMACLength()
        Gets the length of the MAC values for this cipher.
        Returns:
        The length of MAC values in bytes, or zero if the key has not yet been initialized.
      • initializeKey

        void initializeKey​(byte[] key,
                           int offset)
        Initializes the key on this cipher object.
        Parameters:
        key - Points to a buffer that contains the key.
        offset - The offset of the key in the key buffer. The key buffer must contain at least getKeyLength() bytes starting at offset.
        See Also:
        hasKey()
      • hasKey

        boolean hasKey()
        Determine if this cipher object has been configured with a key.
        Returns:
        true if this cipher object has a key; false if the key has not yet been set with initializeKey().
        See Also:
        initializeKey(byte[], int)
      • encryptWithAd

        int encryptWithAd​(byte[] ad,
                          byte[] plaintext,
                          int plaintextOffset,
                          byte[] ciphertext,
                          int ciphertextOffset,
                          int length)
                   throws ShortBufferException
        Encrypts a plaintext buffer using the cipher and a block of associated data.
        Parameters:
        ad - The associated data, or null if there is none.
        plaintext - The buffer containing the plaintext to encrypt.
        plaintextOffset - The offset within the plaintext buffer of the first byte or plaintext data.
        ciphertext - The buffer to place the ciphertext in. This can be the same as the plaintext buffer.
        ciphertextOffset - The first offset within the ciphertext buffer to place the ciphertext and the MAC tag.
        length - The length of the plaintext.
        Returns:
        The length of the ciphertext plus the MAC tag, or -1 if the ciphertext buffer is not large enough to hold the result.
        Throws:
        ShortBufferException - The ciphertext buffer does not have enough space to hold the ciphertext plus MAC.
        IllegalStateException - The nonce has wrapped around. The plaintext and ciphertext buffers can be the same for in-place encryption. In that case, plaintextOffset must be identical to ciphertextOffset. There must be enough space in the ciphertext buffer to accomodate length + getMACLength() bytes of data starting at ciphertextOffset.
      • decryptWithAd

        int decryptWithAd​(byte[] ad,
                          byte[] ciphertext,
                          int ciphertextOffset,
                          byte[] plaintext,
                          int plaintextOffset,
                          int length)
                   throws ShortBufferException,
                          BadPaddingException
        Decrypts a ciphertext buffer using the cipher and a block of associated data.
        Parameters:
        ad - The associated data, or null if there is none.
        ciphertext - The buffer containing the ciphertext to decrypt.
        ciphertextOffset - The offset within the ciphertext buffer of the first byte of ciphertext data.
        plaintext - The buffer to place the plaintext in. This can be the same as the ciphertext buffer.
        plaintextOffset - The first offset within the plaintext buffer to place the plaintext.
        length - The length of the incoming ciphertext plus the MAC tag.
        Returns:
        The length of the plaintext with the MAC tag stripped off.
        Throws:
        ShortBufferException - The plaintext buffer does not have enough space to store the decrypted data.
        BadPaddingException - The MAC value failed to verify.
        IllegalStateException - The nonce has wrapped around. The plaintext and ciphertext buffers can be the same for in-place decryption. In that case, ciphertextOffset must be identical to plaintextOffset.
      • fork

        CipherState fork​(byte[] key,
                         int offset)
        Creates a new instance of this cipher and initializes it with a key.
        Parameters:
        key - The buffer containing the key.
        offset - The offset into the key buffer of the first key byte.
        Returns:
        A new CipherState of the same class as this one.
      • setNonce

        void setNonce​(long nonce)
        Sets the nonce value.
        Parameters:
        nonce - The new nonce value, which must be greater than or equal to the current value. This function is intended for testing purposes only. If the nonce value goes backwards then security may be compromised.