Package org.bouncycastle.tls.crypto.impl

Class TlsAEADCipher

java.lang.Object
org.bouncycastle.tls.crypto.impl.TlsAEADCipher
All Implemented Interfaces:
TlsCipher
public class TlsAEADCipher extends Object implements TlsCipher
A generic TLS 1.2 AEAD cipher.

  • Field Details

    • AEAD_CCM

      public static final int AEAD_CCM
      See Also:

    • AEAD_CHACHA20_POLY1305

      public static final int AEAD_CHACHA20_POLY1305
      See Also:

    • AEAD_GCM

      public static final int AEAD_GCM
      See Also:

    • cryptoParams

      protected final TlsCryptoParameters cryptoParams

    • keySize

      protected final int keySize

    • macSize

      protected final int macSize

    • fixed_iv_length

      protected final int fixed_iv_length

    • record_iv_length

      protected final int record_iv_length

    • decryptCipher

      protected final TlsAEADCipherImpl decryptCipher

    • encryptCipher

      protected final TlsAEADCipherImpl encryptCipher

    • decryptNonce

      protected final byte[] decryptNonce

    • encryptNonce

      protected final byte[] encryptNonce

    • isTLSv13

      protected final boolean isTLSv13

    • nonceMode

      protected final int nonceMode

  • Constructor Details

  • Method Details

    • getCiphertextDecodeLimit

      public int getCiphertextDecodeLimit(int plaintextLimit)
      Description copied from interface: TlsCipher
      Return the maximum input size for a ciphertext given a maximum output size for the plaintext of plaintextLimit bytes.
      Specified by:
      getCiphertextDecodeLimit in interface TlsCipher
      Parameters:
      plaintextLimit - the maximum output size for the plaintext.
      Returns:
      the maximum input size of the ciphertext for plaintextlimit bytes of output.

    • getCiphertextEncodeLimit

      public int getCiphertextEncodeLimit(int plaintextLength, int plaintextLimit)
      Description copied from interface: TlsCipher
      Return the maximum output size for a ciphertext given an actual input plaintext size of plaintextLength bytes and a maximum input plaintext size of plaintextLimit bytes.
      Specified by:
      getCiphertextEncodeLimit in interface TlsCipher
      Parameters:
      plaintextLength - the actual input size for the plaintext.
      plaintextLimit - the maximum input size for the plaintext.
      Returns:
      the maximum output size of the ciphertext for plaintextlimit bytes of input.

    • getPlaintextLimit

      public int getPlaintextLimit(int ciphertextLimit)
      Description copied from interface: TlsCipher
      Return the maximum size for the plaintext given ciphertextlimit bytes of ciphertext.
      Specified by:
      getPlaintextLimit in interface TlsCipher
      Parameters:
      ciphertextLimit - the maximum number of bytes of ciphertext.
      Returns:
      the maximum size of the plaintext for ciphertextlimit bytes of input.

    • encodePlaintext

      public TlsEncodeResult encodePlaintext(long seqNo, short contentType, ProtocolVersion recordVersion, int headerAllocation, byte[] plaintext, int plaintextOffset, int plaintextLength) throws IOException
      Description copied from interface: TlsCipher
      Encode the passed in plaintext using the current bulk cipher.
      Specified by:
      encodePlaintext in interface TlsCipher
      Parameters:
      seqNo - sequence number of the message represented by plaintext.
      contentType - content type of the message represented by plaintext.
      recordVersion - ProtocolVersion used for the record.
      headerAllocation - extra bytes to allocate at start of returned byte array.
      plaintext - array holding input plaintext to the cipher.
      plaintextOffset - offset into input array the plaintext starts at.
      plaintextLength - length of the plaintext in the array.
      Returns:
      A TlsEncodeResult containing the result of encoding (after 'headerAllocation' unused bytes).
      Throws:
      IOException

    • decodeCiphertext

      public TlsDecodeResult decodeCiphertext(long seqNo, short recordType, ProtocolVersion recordVersion, byte[] ciphertext, int ciphertextOffset, int ciphertextLength) throws IOException
      Description copied from interface: TlsCipher
      Decode the passed in ciphertext using the current bulk cipher.
      Specified by:
      decodeCiphertext in interface TlsCipher
      Parameters:
      seqNo - sequence number of the message represented by ciphertext.
      recordType - content type used in the record for this message.
      recordVersion - ProtocolVersion used for the record.
      ciphertext - array holding input ciphertext to the cipher.
      ciphertextOffset - offset into input array the ciphertext starts at.
      ciphertextLength - length of the ciphertext in the array.
      Returns:
      A TlsDecodeResult containing the result of decoding.
      Throws:
      IOException

    • rekeyDecoder

      public void rekeyDecoder() throws IOException
      Specified by:
      rekeyDecoder in interface TlsCipher
      Throws:
      IOException

    • rekeyEncoder

      public void rekeyEncoder() throws IOException
      Specified by:
      rekeyEncoder in interface TlsCipher
      Throws:
      IOException

    • usesOpaqueRecordType

      public boolean usesOpaqueRecordType()
      Specified by:
      usesOpaqueRecordType in interface TlsCipher

    • getAdditionalData

      protected byte[] getAdditionalData(long seqNo, short recordType, ProtocolVersion recordVersion, int ciphertextLength, int plaintextLength) throws IOException
      Throws:
      IOException

    • rekeyCipher

      protected void rekeyCipher(SecurityParameters securityParameters, TlsAEADCipherImpl cipher, byte[] nonce, boolean serverSecret) throws IOException
      Throws:
      IOException

    • setup13Cipher

      protected void setup13Cipher(TlsAEADCipherImpl cipher, byte[] nonce, TlsSecret secret, int cryptoHashAlgorithm) throws IOException
      Throws:
      IOException