Interface CipherState

All Superinterfaces:
Cloneable, Destroyable
All Known Implementing Classes:
ChaChaPolyCipherState

public interface CipherState
extends Destroyable, Cloneable
Interface to an authenticated cipher for use in the Noise protocol. CipherState objects are used to encrypt or decrypt data during a session. Once the handshake has completed, HandshakeState.split() will create two CipherState objects for encrypting packets sent to the other party, and decrypting packets received from the other party.
  • Method Summary

    Modifier and Type Method Description
    CipherState clone()
    I2P
    int decryptWithAd​(byte[] ad, byte[] ciphertext, int ciphertextOffset, byte[] plaintext, int plaintextOffset, int length)
    Decrypts a ciphertext buffer using the cipher and a block of associated data.
    int encryptWithAd​(byte[] ad, byte[] plaintext, int plaintextOffset, byte[] ciphertext, int ciphertextOffset, int length)
    Encrypts a plaintext buffer using the cipher and a block of associated data.
    CipherState fork​(byte[] key, int offset)
    Creates a new instance of this cipher and initializes it with a key.
    String getCipherName()
    Gets the Noise protocol name for this cipher.
    int getKeyLength()
    Gets the length of the key values for this cipher.
    int getMACLength()
    Gets the length of the MAC values for this cipher.
    boolean hasKey()
    Determine if this cipher object has been configured with a key.
    void initializeKey​(byte[] key, int offset)
    Initializes the key on this cipher object.
    void setNonce​(long nonce)
    Sets the nonce value.

    Methods inherited from interface com.southernstorm.noise.protocol.Destroyable

    destroy
  • Method Details

    • getCipherName

      String getCipherName()
      Gets the Noise protocol name for this cipher.
      Returns:
      The cipher name.
    • getKeyLength

      int getKeyLength()
      Gets the length of the key values for this cipher.
      Returns:
      The length of the key in bytes; usually 32.
    • getMACLength

      int getMACLength()
      Gets the length of the MAC values for this cipher.
      Returns:
      The length of MAC values in bytes, or zero if the key has not yet been initialized.
    • initializeKey

      void initializeKey​(byte[] key, int offset)
      Initializes the key on this cipher object.
      Parameters:
      key - Points to a buffer that contains the key.
      offset - The offset of the key in the key buffer. The key buffer must contain at least getKeyLength() bytes starting at offset.
      See Also:
      hasKey()
    • hasKey

      boolean hasKey()
      Determine if this cipher object has been configured with a key.
      Returns:
      true if this cipher object has a key; false if the key has not yet been set with initializeKey().
      See Also:
      initializeKey(byte[], int)
    • encryptWithAd

      int encryptWithAd​(byte[] ad, byte[] plaintext, int plaintextOffset, byte[] ciphertext, int ciphertextOffset, int length) throws ShortBufferException
      Encrypts a plaintext buffer using the cipher and a block of associated data.
      Parameters:
      ad - The associated data, or null if there is none.
      plaintext - The buffer containing the plaintext to encrypt.
      plaintextOffset - The offset within the plaintext buffer of the first byte or plaintext data.
      ciphertext - The buffer to place the ciphertext in. This can be the same as the plaintext buffer.
      ciphertextOffset - The first offset within the ciphertext buffer to place the ciphertext and the MAC tag.
      length - The length of the plaintext.
      Returns:
      The length of the ciphertext plus the MAC tag, or -1 if the ciphertext buffer is not large enough to hold the result.
      Throws:
      ShortBufferException - The ciphertext buffer does not have enough space to hold the ciphertext plus MAC.
      IllegalStateException - The nonce has wrapped around. The plaintext and ciphertext buffers can be the same for in-place encryption. In that case, plaintextOffset must be identical to ciphertextOffset. There must be enough space in the ciphertext buffer to accomodate length + getMACLength() bytes of data starting at ciphertextOffset.
    • decryptWithAd

      int decryptWithAd​(byte[] ad, byte[] ciphertext, int ciphertextOffset, byte[] plaintext, int plaintextOffset, int length) throws ShortBufferException, BadPaddingException
      Decrypts a ciphertext buffer using the cipher and a block of associated data.
      Parameters:
      ad - The associated data, or null if there is none.
      ciphertext - The buffer containing the ciphertext to decrypt.
      ciphertextOffset - The offset within the ciphertext buffer of the first byte of ciphertext data.
      plaintext - The buffer to place the plaintext in. This can be the same as the ciphertext buffer.
      plaintextOffset - The first offset within the plaintext buffer to place the plaintext.
      length - The length of the incoming ciphertext plus the MAC tag.
      Returns:
      The length of the plaintext with the MAC tag stripped off.
      Throws:
      ShortBufferException - The plaintext buffer does not have enough space to store the decrypted data.
      BadPaddingException - The MAC value failed to verify.
      IllegalStateException - The nonce has wrapped around. The plaintext and ciphertext buffers can be the same for in-place decryption. In that case, ciphertextOffset must be identical to plaintextOffset.
    • fork

      CipherState fork​(byte[] key, int offset)
      Creates a new instance of this cipher and initializes it with a key.
      Parameters:
      key - The buffer containing the key.
      offset - The offset into the key buffer of the first key byte.
      Returns:
      A new CipherState of the same class as this one.
    • setNonce

      void setNonce​(long nonce)
      Sets the nonce value.
      Parameters:
      nonce - The new nonce value, which must be greater than or equal to the current value. This function is intended for testing purposes only. If the nonce value goes backwards then security may be compromised.
    • clone

      I2P
      Throws:
      CloneNotSupportedException
      Since:
      0.9.44