com.southernstorm.noise.protocol

Interface CipherState

All Superinterfaces:

Destroyable

public interface CipherState
extends Destroyable

Interface to an authenticated cipher for use in the Noise protocol. CipherState objects are used to encrypt or decrypt data during a session. Once the handshake has completed, HandshakeState.split() will create two CipherState objects for encrypting packets sent to the other party, and decrypting packets received from the other party.

Method Summary

Methods

Modifier and Type	Method and Description
int	decryptWithAd(byte[] ad, byte[] ciphertext, int ciphertextOffset, byte[] plaintext, int plaintextOffset, int length) Decrypts a ciphertext buffer using the cipher and a block of associated data.
int	encryptWithAd(byte[] ad, byte[] plaintext, int plaintextOffset, byte[] ciphertext, int ciphertextOffset, int length) Encrypts a plaintext buffer using the cipher and a block of associated data.
CipherState	fork(byte[] key, int offset) Creates a new instance of this cipher and initializes it with a key.
java.lang.String	getCipherName() Gets the Noise protocol name for this cipher.
int	getKeyLength() Gets the length of the key values for this cipher.
int	getMACLength() Gets the length of the MAC values for this cipher.
boolean	hasKey() Determine if this cipher object has been configured with a key.
void	initializeKey(byte[] key, int offset) Initializes the key on this cipher object.
void	setNonce(long nonce) Sets the nonce value.

Methods inherited from interface com.southernstorm.noise.protocol.Destroyable

destroy

Method Detail

getCipherName

java.lang.String getCipherName()

Gets the Noise protocol name for this cipher.

Returns:

The cipher name.

getKeyLength

int getKeyLength()

Gets the length of the key values for this cipher.

Returns:

The length of the key in bytes; usually 32.

getMACLength

int getMACLength()

Gets the length of the MAC values for this cipher.

Returns:

The length of MAC values in bytes, or zero if the key has not yet been initialized.

initializeKey

void initializeKey(byte[] key,
                 int offset)

Initializes the key on this cipher object.

Parameters:

key - Points to a buffer that contains the key.

offset - The offset of the key in the key buffer. The key buffer must contain at least getKeyLength() bytes starting at offset.

See Also:

hasKey()

hasKey

boolean hasKey()

Determine if this cipher object has been configured with a key.

Returns:

true if this cipher object has a key; false if the key has not yet been set with initializeKey().

See Also:

initializeKey(byte[], int)

encryptWithAd

int encryptWithAd(byte[] ad,
                byte[] plaintext,
                int plaintextOffset,
                byte[] ciphertext,
                int ciphertextOffset,
                int length)
                  throws javax.crypto.ShortBufferException

Encrypts a plaintext buffer using the cipher and a block of associated data.

Parameters:

ad - The associated data, or null if there is none.

plaintext - The buffer containing the plaintext to encrypt.

plaintextOffset - The offset within the plaintext buffer of the first byte or plaintext data.

ciphertext - The buffer to place the ciphertext in. This can be the same as the plaintext buffer.

ciphertextOffset - The first offset within the ciphertext buffer to place the ciphertext and the MAC tag.

length - The length of the plaintext.

Returns:

The length of the ciphertext plus the MAC tag, or -1 if the ciphertext buffer is not large enough to hold the result.

Throws:

javax.crypto.ShortBufferException - The ciphertext buffer does not have enough space to hold the ciphertext plus MAC.

java.lang.IllegalStateException - The nonce has wrapped around. The plaintext and ciphertext buffers can be the same for in-place encryption. In that case, plaintextOffset must be identical to ciphertextOffset. There must be enough space in the ciphertext buffer to accomodate length + getMACLength() bytes of data starting at ciphertextOffset.

decryptWithAd

int decryptWithAd(byte[] ad,
                byte[] ciphertext,
                int ciphertextOffset,
                byte[] plaintext,
                int plaintextOffset,
                int length)
                  throws javax.crypto.ShortBufferException,
                         javax.crypto.BadPaddingException

Decrypts a ciphertext buffer using the cipher and a block of associated data.

Parameters:

ad - The associated data, or null if there is none.

ciphertext - The buffer containing the ciphertext to decrypt.

ciphertextOffset - The offset within the ciphertext buffer of the first byte of ciphertext data.

plaintext - The buffer to place the plaintext in. This can be the same as the ciphertext buffer.

plaintextOffset - The first offset within the plaintext buffer to place the plaintext.

length - The length of the incoming ciphertext plus the MAC tag.

Returns:

The length of the plaintext with the MAC tag stripped off.

Throws:

javax.crypto.ShortBufferException - The plaintext buffer does not have enough space to store the decrypted data.

javax.crypto.BadPaddingException - The MAC value failed to verify.

java.lang.IllegalStateException - The nonce has wrapped around. The plaintext and ciphertext buffers can be the same for in-place decryption. In that case, ciphertextOffset must be identical to plaintextOffset.

fork

CipherState fork(byte[] key,
               int offset)

Creates a new instance of this cipher and initializes it with a key.

Parameters:

key - The buffer containing the key.

offset - The offset into the key buffer of the first key byte.

Returns:

A new CipherState of the same class as this one.

setNonce

void setNonce(long nonce)

Sets the nonce value.

Parameters:

nonce - The new nonce value, which must be greater than or equal to the current value. This function is intended for testing purposes only. If the nonce value goes backwards then security may be compromised.