Package com.southernstorm.noise.protocol

Class SymmetricState

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      SymmetricState clone()
      I2P
      int decryptAndHash​(byte[] ciphertext, int ciphertextOffset, byte[] plaintext, int plaintextOffset, int length)
      Decrypts a block of ciphertext and mixes it into the handshake hash.
      int decryptOnly​(byte[] ciphertext, int ciphertextOffset, byte[] plaintext, int plaintextOffset, int length)
      I2P - Same as decryptAndHash() but without the post-mixHash(), for N only.
      void destroy()
      Destroys all sensitive state in the current object.
      int encryptAndHash​(byte[] plaintext, int plaintextOffset, byte[] ciphertext, int ciphertextOffset, int length)
      Encrypts a block of plaintext and mixes the ciphertext into the handshake hash.
      int encryptOnly​(byte[] plaintext, int plaintextOffset, byte[] ciphertext, int ciphertextOffset, int length)
      I2P - Same as encryptAndHash() but without the post-mixHash(), for N only.
      byte[] getChainingKey()
      I2P for getting chaining key for siphash calculation
      byte[] getHandshakeHash()
      Gets the current value of the handshake hash.
      int getMACLength()
      Gets the length of MAC values in the current state.
      String getProtocolName()
      Gets the name of the Noise protocol.
      void mixHash​(byte[] data, int offset, int length)
      Mixes data into the handshake hash.
      void mixKey​(byte[] data, int offset, int length)
      Mixes data into the chaining key.
      void mixPreSharedKey​(byte[] key)
      Mixes a pre-shared key into the chaining key and handshake hash.
      void mixPublicKey​(DHState dh)
      Mixes a pre-supplied public key into the handshake hash.
      void mixPublicKeyIntoCK​(DHState dh)
      Mixes a pre-supplied public key into the chaining key.
      CipherStatePair split()
      Splits the symmetric state into two ciphers for session encryption.
      CipherStatePair split​(byte[] secondaryKey, int offset, int length)
      Splits the symmetric state into two ciphers for session encryption, and optionally mixes in a secondary symmetric key.
      String toString()
      I2P debug

    • Method Detail

      • getProtocolName

        public String getProtocolName()
        Gets the name of the Noise protocol.
        Returns:
        The protocol name.

      • getMACLength

        public int getMACLength()
        Gets the length of MAC values in the current state.
        Returns:
        The length of the MAC value for the underlying cipher or zero if the cipher has not yet been initialized with a key.

      • mixKey

        public void mixKey​(byte[] data,
                   int offset,
                   int length)
        Mixes data into the chaining key.
        Parameters:
        data - The buffer containing the data to mix in.
        offset - The offset of the first data byte to mix in.
        length - The number of bytes to mix in.

      • mixHash

        public void mixHash​(byte[] data,
                    int offset,
                    int length)
        Mixes data into the handshake hash.
        Parameters:
        data - The buffer containing the data to mix in.
        offset - The offset of the first data byte to mix in.
        length - The number of bytes to mix in.

      • mixPreSharedKey

        public void mixPreSharedKey​(byte[] key)
        Mixes a pre-shared key into the chaining key and handshake hash.
        Parameters:
        key - The pre-shared key value.

      • mixPublicKey

        public void mixPublicKey​(DHState dh)
        Mixes a pre-supplied public key into the handshake hash.
        Parameters:
        dh - The object containing the public key.

      • mixPublicKeyIntoCK

        public void mixPublicKeyIntoCK​(DHState dh)
        Mixes a pre-supplied public key into the chaining key.
        Parameters:
        dh - The object containing the public key.

      • encryptAndHash

        public int encryptAndHash​(byte[] plaintext,
                          int plaintextOffset,
                          byte[] ciphertext,
                          int ciphertextOffset,
                          int length)
                   throws ShortBufferException
        Encrypts a block of plaintext and mixes the ciphertext into the handshake hash.
        Parameters:
        plaintext - The buffer containing the plaintext to encrypt.
        plaintextOffset - The offset within the plaintext buffer of the first byte or plaintext data.
        ciphertext - The buffer to place the ciphertext in. This can be the same as the plaintext buffer.
        ciphertextOffset - The first offset within the ciphertext buffer to place the ciphertext and the MAC tag.
        length - The length of the plaintext.
        Returns:
        The length of the ciphertext plus the MAC tag.
        Throws:
        ShortBufferException - There is not enough space in the ciphertext buffer for the encrypted data plus MAC value. The plaintext and ciphertext buffers can be the same for in-place encryption. In that case, plaintextOffset must be identical to ciphertextOffset. There must be enough space in the ciphertext buffer to accomodate length + getMACLength() bytes of data starting at ciphertextOffset.

      • encryptOnly

        public int encryptOnly​(byte[] plaintext,
                       int plaintextOffset,
                       byte[] ciphertext,
                       int ciphertextOffset,
                       int length)
                throws ShortBufferException
        I2P - Same as encryptAndHash() but without the post-mixHash(), for N only.
        Throws:
        ShortBufferException
        Since:
        0.9.49

      • decryptAndHash

        public int decryptAndHash​(byte[] ciphertext,
                          int ciphertextOffset,
                          byte[] plaintext,
                          int plaintextOffset,
                          int length)
                   throws ShortBufferException,
                          BadPaddingException
        Decrypts a block of ciphertext and mixes it into the handshake hash.
        Parameters:
        ciphertext - The buffer containing the ciphertext to decrypt.
        ciphertextOffset - The offset within the ciphertext buffer of the first byte of ciphertext data.
        plaintext - The buffer to place the plaintext in. This can be the same as the ciphertext buffer.
        plaintextOffset - The first offset within the plaintext buffer to place the plaintext.
        length - The length of the incoming ciphertext plus the MAC tag.
        Returns:
        The length of the plaintext with the MAC tag stripped off.
        Throws:
        ShortBufferException - There is not enough space in the plaintext buffer for the decrypted data.
        BadPaddingException - The MAC value failed to verify. The plaintext and ciphertext buffers can be the same for in-place decryption. In that case, ciphertextOffset must be identical to plaintextOffset.

      • split

        public CipherStatePair split()
        Splits the symmetric state into two ciphers for session encryption.
        Returns:
        The pair of ciphers for sending and receiving.

      • split

        public CipherStatePair split​(byte[] secondaryKey,
                             int offset,
                             int length)
        Splits the symmetric state into two ciphers for session encryption, and optionally mixes in a secondary symmetric key.
        Parameters:
        secondaryKey - The buffer containing the secondary key.
        offset - The offset of the first secondary key byte.
        length - The length of the secondary key in bytes, which must be either 0 or 32.
        Returns:
        The pair of ciphers for sending and receiving.
        Throws:
        IllegalArgumentException - The length is not 0 or 32.

      • getHandshakeHash

        public byte[] getHandshakeHash()
        Gets the current value of the handshake hash.
        Returns:
        The handshake hash. This must not be modified by the caller. The handshake hash value is only of use to the application after split() has been called.

      • destroy

        public void destroy()
        Description copied from interface: Destroyable
        Destroys all sensitive state in the current object.
        Specified by:
        destroy in interface Destroyable

      • getChainingKey

        public byte[] getChainingKey()
        I2P for getting chaining key for siphash calculation
        Returns:
        a copy