Package com.nimbusds.jose.crypto.impl

Class XC20P

java.lang.Object
com.nimbusds.jose.crypto.impl.XC20P
@ThreadSafe public class XC20P extends Object
This class defines the XChaCha20 stream cipher as well as the use of the Poly1305 authenticator.

The eXtended-nonce ChaCha cipher construction (XChaCha) allows for ChaCha-based cipher suites to accept a 192-bit nonce with similar guarantees to the original construction, except with a much lower probability of nonce misuse occurring.

This class is thread-safe.

Version:
2022-02-24
Author:
Alexander Martynov
See Also:

  • Field Details

  • Constructor Details

  • Method Details

    • encryptAuthenticated

      public static AuthenticatedCipherText encryptAuthenticated(SecretKey secretKey, Container<byte[]> ivContainer, byte[] plainText, byte[] authData) throws JOSEException
      Encrypts the specified plain text using XChaCha20_Poly1305.
      Parameters:
      secretKey - The AES key. Must not be null.
      plainText - The plain text. Must not be null.
      ivContainer - The initialisation vector (IV). This is output parameter. On output, it carries the nonce the cipher actually used.
      authData - The authenticated data. Must not be null.
      Returns:
      The authenticated cipher text.
      Throws:
      JOSEException - If encryption failed.

    • decryptAuthenticated

      public static byte[] decryptAuthenticated(SecretKey secretKey, byte[] iv, byte[] cipherText, byte[] authData, byte[] authTag) throws JOSEException
      Decrypts the specified cipher text using XChaCha20_Poly1305.
      Parameters:
      secretKey - The AES key. Must not be null.
      iv - The initialisation vector (IV). Must not be null.
      cipherText - The cipher text. Must not be null.
      authData - The authenticated data. Must not be null.
      authTag - The authentication tag. Must not be null.
      Returns:
      The decrypted plain text.
      Throws:
      JOSEException - If decryption failed.