Package org.signal.libsignal.crypto

Class Aes256GcmEncryption

  • All Implemented Interfaces:
    org.signal.libsignal.internal.NativeHandleGuard.Owner 
    
public class Aes256GcmEncryption
extends NativeHandleGuard.SimpleOwner

    Implements the AES-256-GCM authenticated stream cipher with a 12-byte nonce.

    This API exposes the streaming nature of AES-GCM to allow encrypting data without having it resident in memory all at once. You must call computeTag when the encryption is complete to produce the authentication tag for the ciphertext, and then make sure the tag makes it to the decrypter.

    • Nested Class Summary

      Nested Classes 
      Modifier and Type Class Description

    • Field Summary

      Fields 
      Modifier and Type Field Description

    • Constructor Summary

      Constructors 
      Constructor Description
      Aes256GcmEncryption(Array<byte> key, Array<byte> nonce, Array<byte> associatedData) Initializes the cipher with the given inputs.

    • Enum Constant Summary

      Enum Constants 
      Enum Constant Description

    • Method Summary

      Modifier and Type Method Description
      void encrypt(Array<byte> plaintext, int offset, int length) Encrypts plaintext in place and advances the state of the cipher.
      void encrypt(Array<byte> plaintext) Encrypts plaintext in place and advances the state of the cipher.
      Array<byte> computeTag() Produces an authentication tag for the plaintext that has been processed.

      • Methods inherited from class org.signal.libsignal.internal.NativeHandleGuard.SimpleOwner

        unsafeNativeHandleWithoutGuard

      • Methods inherited from class org.signal.libsignal.internal.NativeHandleGuard.Owner

        guard, guardedMap, guardedMapChecked, guardedRun, guardedRunChecked

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • Aes256GcmEncryption

        Aes256GcmEncryption(Array<byte> key, Array<byte> nonce, Array<byte> associatedData)
        Initializes the cipher with the given inputs.

    • Method Detail

      • encrypt

         void encrypt(Array<byte> plaintext, int offset, int length)

        Encrypts plaintext in place and advances the state of the cipher.

        Bytes outside the designated offset/length are unchanged.

        Don't forget to call computeTag when encryption is complete.

      • encrypt

         void encrypt(Array<byte> plaintext)

        Encrypts plaintext in place and advances the state of the cipher.

        Don't forget to call computeTag when encryption is complete.

      • computeTag

         Array<byte> computeTag()

        Produces an authentication tag for the plaintext that has been processed.

        After calling computeTag, this object may not be used anymore.