Package org.signal.libsignal.crypto

Class Aes256GcmDecryption

  • All Implemented Interfaces:
    org.signal.libsignal.internal.NativeHandleGuard.Owner 
    
public class Aes256GcmDecryption
extends NativeHandleGuard.SimpleOwner

    Implements the AES-256-GCM authenticated stream cipher with a 12-byte nonce.

    This API exposes the streaming nature of AES-GCM to allow decrypting data without having it resident in memory all at once. You must call verifyTag when the decryption is complete, or else you have no authenticity guarantees.

    • Nested Class Summary

      Nested Classes 
      Modifier and Type Class Description

    • Field Summary

      Fields 
      Modifier and Type Field Description
      public final static int TAG_SIZE_IN_BYTES

    • Constructor Summary

      Constructors 
      Constructor Description
      Aes256GcmDecryption(Array<byte> key, Array<byte> nonce, Array<byte> associatedData) Initializes the cipher with the given inputs.

    • Enum Constant Summary

      Enum Constants 
      Enum Constant Description

    • Method Summary

      Modifier and Type Method Description
      void decrypt(Array<byte> ciphertext) Decrypts ciphertext in place and advances the state of the cipher.
      void decrypt(Array<byte> ciphertext, int offset, int length) Decrypts ciphertext in place and advances the state of the cipher.
      boolean verifyTag(Array<byte> tag) Returns true if and only if tag matches the ciphertext that has been processed.

      • Methods inherited from class org.signal.libsignal.internal.NativeHandleGuard.SimpleOwner

        unsafeNativeHandleWithoutGuard

      • Methods inherited from class org.signal.libsignal.internal.NativeHandleGuard.Owner

        guard, guardedMap, guardedMapChecked, guardedRun, guardedRunChecked

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • Aes256GcmDecryption

        Aes256GcmDecryption(Array<byte> key, Array<byte> nonce, Array<byte> associatedData)
        Initializes the cipher with the given inputs.

    • Method Detail

      • decrypt

         void decrypt(Array<byte> ciphertext)

        Decrypts ciphertext in place and advances the state of the cipher.

        Don't forget to call verifyTag when decryption is complete.

      • decrypt

         void decrypt(Array<byte> ciphertext, int offset, int length)

        Decrypts ciphertext in place and advances the state of the cipher.

        Bytes outside the designated offset/length are unchanged.

        Don't forget to call verifyTag when decryption is complete.

      • verifyTag

         boolean verifyTag(Array<byte> tag)

        Returns true if and only if tag matches the ciphertext that has been processed.

        After calling verifyTag, this object may not be used anymore.