com.google.crypto.tink.aead.internal

Class LegacyFullAead

java.lang.Object

com.google.crypto.tink.aead.internal.LegacyFullAead

All Implemented Interfaces:

Aead

public class LegacyFullAead
extends Object
implements Aead

Takes an arbitrary raw AEAD and makes it a full primitive. This is a class that helps us transition onto the new Keys and Configurations interface, by bringing potential user-defined primitives to a common denominator with our primitives over which we have control.

Method Summary

Modifier and Type	Method and Description
static Aead	create(Aead rawAead, Bytes outputPrefix)
static Aead	create(LegacyProtoKey key) This method covers the cases where users created their own aead/key classes.
byte[]	decrypt(byte[] ciphertext, byte[] associatedData) Decrypts ciphertext with associatedData as associated authenticated data.
byte[]	encrypt(byte[] plaintext, byte[] associatedData) Encrypts plaintext with associatedData as associated authenticated data.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

create

public static Aead create(LegacyProtoKey key)
                   throws GeneralSecurityException

This method covers the cases where users created their own aead/key classes.

Throws:

GeneralSecurityException

create

public static Aead create(Aead rawAead,
                          Bytes outputPrefix)

encrypt

public byte[] encrypt(byte[] plaintext,
                      byte[] associatedData)
               throws GeneralSecurityException

Description copied from interface: Aead

Encrypts plaintext with associatedData as associated authenticated data. The resulting ciphertext allows for checking authenticity and integrity of associated data (associatedData), but does not guarantee its secrecy.

Specified by:

encrypt in interface Aead

Parameters:

plaintext - the plaintext to be encrypted. It must be non-null, but can also be an empty (zero-length) byte array

associatedData - associated data to be authenticated, but not encrypted. Associated data is optional, so this parameter can be null. In this case the null value is equivalent to an empty (zero-length) byte array. For successful decryption the same associatedData must be provided along with the ciphertext.

Returns:

resulting ciphertext

Throws:

GeneralSecurityException

decrypt

public byte[] decrypt(byte[] ciphertext,
                      byte[] associatedData)
               throws GeneralSecurityException

Description copied from interface: Aead

Decrypts ciphertext with associatedData as associated authenticated data. The decryption verifies the authenticity and integrity of the associated data, but there are no guarantees wrt. secrecy of that data.

Specified by:

decrypt in interface Aead

Parameters:

ciphertext - the plaintext to be decrypted. It must be non-null.

associatedData - associated data to be authenticated. For successful decryption it must be the same as associatedData used during encryption. Can be null, which is equivalent to an empty (zero-length) byte array.

Returns:

resulting plaintext

Throws:

GeneralSecurityException - if decryption fails. Decryption must fail if ciphertext is not correctly authenticated for the given associatedData.