java.lang.Object
- org.drasyl.crypto.Crypto

```
public class Crypto
extends Object
```
Util class that provides cryptography functions for drasyl.

Field Summary

Fields
Modifier and Type	Field	Description
`static SecureRandom`	`CSPRNG`
`static Crypto`	`INSTANCE`
`static short`	`PK_CURVE_25519_KEY_LENGTH`
`static short`	`PK_LONG_TIME_KEY_LENGTH`
`static short`	`SK_CURVE_25519_KEY_LENGTH`
`static short`	`SK_LONG_TIME_KEY_LENGTH`

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`static int`	`compare(Key k1, Key k2)`	Compares two keys `k1` and `k2` to allow to form a total order on the keys.
`KeyAgreementPublicKey`	`convertIdentityKeyToKeyAgreementKey(IdentityPublicKey publicKey)`	Converts the given ed25519 long time `publicKey` into a curve25519 key for (on-demand) key agreement.
`KeyPair<KeyAgreementPublicKey,KeyAgreementSecretKey>`	`convertLongTimeKeyPairToKeyAgreementKeyPair(KeyPair<IdentityPublicKey,IdentitySecretKey> keyPair)`	Converts the given ed25519 long time `keyPair` into a curve25519 key pair for (on-demand) key agreement.
`byte[]`	`decrypt(byte[] cipher, byte[] authTag, Nonce nonce, SessionPair sessionPair)`	Decrypt the given `cipher`, by verify the `authTag` as an authentication tag, uses the given `nonce` and decrypting with the rx part of the `sessionPair`.
`byte[]`	`encrypt(byte[] message, byte[] authTag, Nonce nonce, SessionPair sessionPair)`	Encrypts the given `message`, by adding `authTag` as an authentication tag, using the given (hopefully fresh) `nonce` and encrypting with the tx part of the `sessionPair`.
`KeyPair<KeyAgreementPublicKey,KeyAgreementSecretKey>`	`generateEphemeralKeyPair()`	Generates a new curve25519 key pair for key exchange.
`KeyPair<IdentityPublicKey,IdentitySecretKey>`	`generateLongTimeKeyPair()`	Generates a new ed25519 key pair for signing and on-demand encryption.
`<P extends PublicKey,S extends SecretKey> SessionPair`	`generateSessionKeyPair(KeyPair<P,S> myKeyPair, PublicKey receiverPublicKey)`	Generates session key pair from the `myKeyPair` and `receiverKeyPair`.
`DrasylSodiumWrapper`	`getSodium()`	Is only for internal usage.
`static byte[]`	`randomBytes(int entropy)`	Generates a secure random bytes with the given `entropy`.
`static int`	`randomNumber(int bound)`	Generates a random number with the static `SecureRandom` of this class.
`static String`	`randomString(int entropy)`	Generates a secure random HEX String with the given `entropy` of bytes.
`byte[]`	`sha256(byte[] input)`	Generates a SHA-256 hash of the given input.
`byte[]`	`sign(byte[] message, IdentitySecretKey secretKey)`	Creates a signature for the given `message` with the given `secretKey` in detached mode (signature is not appended to message, rather it is standalone).
`boolean`	`verifySignature(byte[] signature, byte[] message, IdentityPublicKey publicKey)`	Verifies that `signature` is valid for the `message`.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - INSTANCE
```
public static final Crypto INSTANCE
```
  - CSPRNG
```
public static final SecureRandom CSPRNG
```
  - PK_LONG_TIME_KEY_LENGTH
```
public static final short PK_LONG_TIME_KEY_LENGTH
```
    See Also:
    
    Constant Field Values
  - SK_LONG_TIME_KEY_LENGTH
```
public static final short SK_LONG_TIME_KEY_LENGTH
```
    See Also:
    
    Constant Field Values
  - PK_CURVE_25519_KEY_LENGTH
```
public static final short PK_CURVE_25519_KEY_LENGTH
```
    See Also:
    
    Constant Field Values
  - SK_CURVE_25519_KEY_LENGTH
```
public static final short SK_CURVE_25519_KEY_LENGTH
```
    See Also:
    
    Constant Field Values
- Method Detail
  - compare
```
public static int compare(Key k1,
                          Key k2)
```
    Compares two keys k1 and k2 to allow to form a total order on the keys. This is especially important in asynchronous environments to make deterministic decisions.
    
    Parameters:
    
    k1 - first key
    
    k2 - second key
    
    Returns:
    
    -1 if the first key is smaller than, 0 if equals to, 1 if greater than the second key
  - randomString
```
public static String randomString(int entropy)
```
    Generates a secure random HEX String with the given entropy of bytes.
    Recommendation:
    
    4 byte for small sets
    
    8 bytes for unique internal strings, e.g. hash tables
    
    16 bytes for global uniqueness, e.g. auth token
    
    24 bytes for cryptographic operations, e.g. nonce's
    
    You can also use the following probability table for the "Birthday problem", as a starting point for a suitable entropy size: Birthday problem probability table
    Parameters:
    
    entropy - entropy in bytes
    
    Returns:
    
    a secure random HEX String
  - randomBytes
```
public static byte[] randomBytes(int entropy)
```
    Generates a secure random bytes with the given entropy.
    Recommendation:
    
    4 byte for small sets
    
    8 bytes for unique internal strings, e.g. hash tables
    
    16 bytes for global uniqueness, e.g. auth token
    
    24 bytes for cryptographic operations, e.g. nonce's
    
    You can also use the following probability table for the "Birthday problem", as a starting point for a suitable entropy size: Birthday problem probability table
    Parameters:
    
    entropy - entropy in bytes
    
    Returns:
    
    a secure random bytes
  - randomNumber
```
public static int randomNumber(int bound)
```
    Generates a random number with the static SecureRandom of this class. Avoids overhead of generating a new instance of SecureRandom.
    
    Parameters:
    
    bound - the upper bound (exclusive). Must be positive.
    
    Returns:
    
    the next pseudorandom, uniformly distributed int value between zero (inclusive) and bound (exclusive) from this random number generator's sequence
  - getSodium
```
public DrasylSodiumWrapper getSodium()
```
    Is only for internal usage.
    
    Returns:
    
    returns the DrasylSodiumWrapper instance.
  - sha256
```
public byte[] sha256(byte[] input)
              throws CryptoException
```
    Generates a SHA-256 hash of the given input.
    
    Parameters:
    
    in - the input to hash
    
    Returns:
    
    SHA-256 hash of the input
    
    Throws:
    
    CryptoException
  - generateLongTimeKeyPair
```
public KeyPair<IdentityPublicKey,IdentitySecretKey> generateLongTimeKeyPair()
                                                                           throws CryptoException
```
    Generates a new ed25519 key pair for signing and on-demand encryption. This key pair can be used as identity of a node.
    
    Returns:
    
    new ed25519 key pair
    
    Throws:
    
    CryptoException - if any error occurs during key generation
  - convertLongTimeKeyPairToKeyAgreementKeyPair
```
public KeyPair<KeyAgreementPublicKey,KeyAgreementSecretKey> convertLongTimeKeyPairToKeyAgreementKeyPair(KeyPair<IdentityPublicKey,IdentitySecretKey> keyPair)
                                                                                                       throws CryptoException
```
    Converts the given ed25519 long time keyPair into a curve25519 key pair for (on-demand) key agreement.
    
    Parameters:
    
    keyPair - the ed25519 long time key pair
    
    Returns:
    
    ed25519 key pair as curve25519
    
    Throws:
    
    CryptoException - if any error occurs during conversion
    
    NullPointerException - if keyPar or a key within the pair is null
  - convertIdentityKeyToKeyAgreementKey
```
public KeyAgreementPublicKey convertIdentityKeyToKeyAgreementKey(IdentityPublicKey publicKey)
                                                          throws CryptoException
```
    Converts the given ed25519 long time publicKey into a curve25519 key for (on-demand) key agreement.
    
    Parameters:
    
    publicKey - the ed25519 public key
    
    Returns:
    
    ed25519 public key as curve25519
    
    Throws:
    
    CryptoException - if any error occurs during conversion
  - generateEphemeralKeyPair
```
public KeyPair<KeyAgreementPublicKey,KeyAgreementSecretKey> generateEphemeralKeyPair()
                                                                                    throws CryptoException
```
    Generates a new curve25519 key pair for key exchange. This key should only be used for one session and never be re-used.
    
    Returns:
    
    new curve25519 key pair
    
    Throws:
    
    CryptoException - if any error occurs during key generation
  - generateSessionKeyPair
```
public <P extends PublicKey,S extends SecretKey> SessionPair generateSessionKeyPair(KeyPair<P,S> myKeyPair,
                                                                                          PublicKey receiverPublicKey)
                                                                                   throws CryptoException
```
    Generates session key pair from the myKeyPair and receiverKeyPair.
    
    Parameters:
    
    myKeyPair - my own curve25519 key pair (long time or ephemeral)
    
    receiverPublicKey - the receiver public key (long time or ephemeral)
    
    Returns:
    
    a session key for sending and receiving messages
    
    Throws:
    
    CryptoException - if any error occurs during generation
  - encrypt
```
public byte[] encrypt(byte[] message,
                      byte[] authTag,
                      Nonce nonce,
                      SessionPair sessionPair)
               throws CryptoException
```
    Encrypts the given message, by adding authTag as an authentication tag, using the given (hopefully fresh) nonce and encrypting with the tx part of the sessionPair.
    
    Parameters:
    
    message - the message to encrypt
    
    authTag - some authentication tag
    
    nonce - the fresh nonce
    
    sessionPair - the session pair
    
    Returns:
    
    encrypted message
    
    Throws:
    
    CryptoException - if any error occurs during encryption
    
    NullPointerException - if message or authTag is null
  - decrypt
```
public byte[] decrypt(byte[] cipher,
                      byte[] authTag,
                      Nonce nonce,
                      SessionPair sessionPair)
               throws CryptoException
```
    Decrypt the given cipher, by verify the authTag as an authentication tag, uses the given nonce and decrypting with the rx part of the sessionPair.
    
    Parameters:
    
    cipher - the cipher text to decrypt
    
    authTag - some authentication tag
    
    nonce - the fresh nonce
    
    sessionPair - the session pair
    
    Returns:
    
    decrypted message
    
    Throws:
    
    CryptoException - if any error occurs during decryption
    
    NullPointerException - if message or authTag is null
  - sign
```
public byte[] sign(byte[] message,
                   IdentitySecretKey secretKey)
            throws CryptoException
```
    Creates a signature for the given message with the given secretKey in detached mode (signature is not appended to message, rather it is standalone).
    
    Parameters:
    
    message - the message to sign
    
    secretKey - the secret key to sign
    
    Returns:
    
    the signature of the message
    
    Throws:
    
    CryptoException - if any error occurs during signing
  - verifySignature
```
public boolean verifySignature(byte[] signature,
                               byte[] message,
                               IdentityPublicKey publicKey)
```
    Verifies that signature is valid for the message.
    
    Parameters:
    
    signature - the signature of the message
    
    message - the message
    
    publicKey - the public key that signed the message
    
    Returns:
    
    true if the signature is valid for the message

Class Crypto

Field Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

INSTANCE

CSPRNG

PK_LONG_TIME_KEY_LENGTH

SK_LONG_TIME_KEY_LENGTH

PK_CURVE_25519_KEY_LENGTH

SK_CURVE_25519_KEY_LENGTH

Method Detail

compare

randomString

randomBytes

randomNumber

getSodium

sha256

generateLongTimeKeyPair

convertLongTimeKeyPairToKeyAgreementKeyPair

convertIdentityKeyToKeyAgreementKey

generateEphemeralKeyPair

generateSessionKeyPair

encrypt

decrypt

sign

verifySignature