Package com.nimbusds.jose.crypto.impl

Class XC20P

java.lang.Object

com.nimbusds.jose.crypto.impl.XC20P

@ThreadSafe
public class XC20P
extends Object

This class defines the XChaCha20 stream cipher as well as the use of the Poly1305 authenticator.

The eXtended-nonce ChaCha cipher construction (XChaCha) allows for ChaCha-based cipher suites to accept a 192-bit nonce with similar guarantees to the original construction, except with a much lower probability of nonce misuse occurring.

This class is thread-safe.

Version:

2022-02-24

Author:

Alexander Martynov

See Also:

XChaCha: eXtended-nonce ChaCha and AEAD_XChaCha20_Poly1305

Field Summary

Fields

Modifier and Type	Field	Description
static int	AUTH_TAG_BIT_LENGTH	The standard authentication tag length (128 bits).
static int	IV_BIT_LENGTH	The standard Initialisation Vector (IV) length (192 bits).

Constructor Summary

Constructors

Constructor	Description
XC20P()

Method Summary

Modifier and Type	Method	Description
static byte[]	decryptAuthenticated(SecretKey secretKey, byte[] iv, byte[] cipherText, byte[] authData, byte[] authTag)	Decrypts the specified cipher text using XChaCha20_Poly1305.
static AuthenticatedCipherText	encryptAuthenticated(SecretKey secretKey, Container<byte[]> ivContainer, byte[] plainText, byte[] authData)	Encrypts the specified plain text using XChaCha20_Poly1305.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

AUTH_TAG_BIT_LENGTH

public static final int AUTH_TAG_BIT_LENGTH

The standard authentication tag length (128 bits).

See Also:

Constant Field Values

IV_BIT_LENGTH

public static final int IV_BIT_LENGTH

The standard Initialisation Vector (IV) length (192 bits).

See Also:

Constant Field Values

Constructor Detail

XC20P

public XC20P()

Method Detail

encryptAuthenticated

public static AuthenticatedCipherText encryptAuthenticated(SecretKey secretKey,
                                                           Container<byte[]> ivContainer,
                                                           byte[] plainText,
                                                           byte[] authData)
                                                    throws JOSEException

Encrypts the specified plain text using XChaCha20_Poly1305.

Parameters:

secretKey - The AES key. Must not be null.

plainText - The plain text. Must not be null.

ivContainer - The initialisation vector (IV). This is output parameter. On output, it carries the nonce the cipher actually used.

authData - The authenticated data. Must not be null.

Returns:

The authenticated cipher text.

Throws:

JOSEException - If encryption failed.

decryptAuthenticated

public static byte[] decryptAuthenticated(SecretKey secretKey,
                                          byte[] iv,
                                          byte[] cipherText,
                                          byte[] authData,
                                          byte[] authTag)
                                   throws JOSEException

Decrypts the specified cipher text using XChaCha20_Poly1305.

Parameters:

secretKey - The AES key. Must not be null.

iv - The initialisation vector (IV). Must not be null.

cipherText - The cipher text. Must not be null.

authData - The authenticated data. Must not be null.

authTag - The authentication tag. Must not be null.

Returns:

The decrypted plain text.

Throws:

JOSEException - If decryption failed.