Package org.signal.libsignal.crypto

Class Aes256GcmSiv

  • All Implemented Interfaces:
    org.signal.libsignal.internal.NativeHandleGuard.Owner 
    
public class Aes256GcmSiv
extends NativeHandleGuard.SimpleOwner

    Implements the AES-256-GCM-SIV authenticated stream cipher with a 12-byte nonce.

    AES-GCM-SIV is a multi-pass algorithm (to generate the "synthetic initialization vector"), so this API does not expose a streaming form.

    • Nested Class Summary

      Nested Classes 
      Modifier and Type Class Description

    • Field Summary

      Fields 
      Modifier and Type Field Description

    • Constructor Summary

      Constructors 
      Constructor Description
      Aes256GcmSiv(Array<byte> key)

    • Enum Constant Summary

      Enum Constants 
      Enum Constant Description

    • Method Summary

      Modifier and Type Method Description
      Array<byte> encrypt(Array<byte> plaintext, Array<byte> nonce, Array<byte> associated_data) Encrypts the given plaintext using the given nonce, and authenticating the ciphertext and given associated data.
      Array<byte> decrypt(Array<byte> ciphertext, Array<byte> nonce, Array<byte> associated_data) Decrypts the given ciphertext using the given nonce, and authenticating the ciphertext and given associated data.

      • Methods inherited from class org.signal.libsignal.internal.NativeHandleGuard.SimpleOwner

        unsafeNativeHandleWithoutGuard

      • Methods inherited from class org.signal.libsignal.internal.NativeHandleGuard.Owner

        guard, guardedMap, guardedMapChecked, guardedRun, guardedRunChecked

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • Aes256GcmSiv

        Aes256GcmSiv(Array<byte> key)

    • Method Detail

      • encrypt

         Array<byte> encrypt(Array<byte> plaintext, Array<byte> nonce, Array<byte> associated_data)

        Encrypts the given plaintext using the given nonce, and authenticating the ciphertext and given associated data.

        The associated data is not included in the ciphertext; instead, it's expected to match between the encrypter and decrypter. If you don't need any extra data, pass an empty array.

        Returns:

        The encrypted data, including an appended 16-byte authentication tag.

      • decrypt

         Array<byte> decrypt(Array<byte> ciphertext, Array<byte> nonce, Array<byte> associated_data)

        Decrypts the given ciphertext using the given nonce, and authenticating the ciphertext and given associated data.

        The associated data is not included in the ciphertext; instead, it's expected to match between the encrypter and decrypter.

        Returns:

        The decrypted data