Package org.apache.sshd.common.cipher
Interface Cipher
-
- All Superinterfaces:
AlgorithmNameProvider
,CipherInformation
,KeySizeIndicator
- All Known Implementing Classes:
BaseCBCCipher
,BaseCipher
,BaseCTRCipher
,BaseGCMCipher
,BaseRC4Cipher
,ChaCha20Cipher
,CipherNone
public interface Cipher extends CipherInformation
Wrapper for a cryptographic cipher, used either for encryption or decryption.
-
-
Nested Class Summary
Nested Classes Modifier and Type Interface Description static class
Cipher.Mode
-
Method Summary
All Methods Static Methods Instance Methods Abstract Methods Default Methods Modifier and Type Method Description static boolean
checkSupported(java.lang.String xform, int keyLength)
void
init(Cipher.Mode mode, byte[] key, byte[] iv)
Initialize the cipher for encryption or decryption with the given key and initialization vectordefault void
update(byte[] input)
Performs in-place encryption or decryption on the given data.void
update(byte[] input, int inputOffset, int inputLen)
Performs in-place encryption or decryption on the given data.default void
updateAAD(byte[] data)
Adds the provided input data as additional authenticated data during encryption or decryption.void
updateAAD(byte[] data, int offset, int length)
Adds the provided input data as additional authenticated data during encryption or decryption.default void
updateWithAAD(byte[] input, int offset, int aadLen, int inputLen)
Performs in-place authenticated encryption or decryption with additional data (AEAD).-
Methods inherited from interface org.apache.sshd.common.AlgorithmNameProvider
getAlgorithm
-
Methods inherited from interface org.apache.sshd.common.cipher.CipherInformation
getAuthenticationTagSize, getCipherBlockSize, getIVSize, getKdfSize, getTransformation
-
Methods inherited from interface org.apache.sshd.common.keyprovider.KeySizeIndicator
getKeySize
-
-
-
-
Method Detail
-
init
void init(Cipher.Mode mode, byte[] key, byte[] iv) throws java.lang.Exception
Initialize the cipher for encryption or decryption with the given key and initialization vector- Parameters:
mode
- Encrypt/Decrypt initializationkey
- Key bytesiv
- Initialization vector bytes- Throws:
java.lang.Exception
- If failed to initialize
-
update
default void update(byte[] input) throws java.lang.Exception
Performs in-place encryption or decryption on the given data.Note:
input.length
must be a multiple of the cipher's block size.- Parameters:
input
- The input/output bytes- Throws:
java.lang.Exception
- If failed to execute- See Also:
update(byte[], int, int)
-
update
void update(byte[] input, int inputOffset, int inputLen) throws java.lang.Exception
Performs in-place encryption or decryption on the given data.- Parameters:
input
- The input/output bytesinputOffset
- The offset of the data in the data bufferinputLen
- The number of bytes to update, starting at the given offset; must be a multiple of the cipher's block size- Throws:
java.lang.Exception
- If failed to execute
-
updateAAD
default void updateAAD(byte[] data) throws java.lang.Exception
Adds the provided input data as additional authenticated data during encryption or decryption.- Parameters:
data
- The data to authenticate- Throws:
java.lang.Exception
- If failed to execute
-
updateAAD
void updateAAD(byte[] data, int offset, int length) throws java.lang.Exception
Adds the provided input data as additional authenticated data during encryption or decryption.- Parameters:
data
- The additional data to authenticateoffset
- The offset of the additional data in the bufferlength
- The number of bytes in the buffer to use for authentication- Throws:
java.lang.Exception
- If failed to execute
-
updateWithAAD
default void updateWithAAD(byte[] input, int offset, int aadLen, int inputLen) throws java.lang.Exception
Performs in-place authenticated encryption or decryption with additional data (AEAD). Authentication tags are implicitly appended after the output ciphertext or implicitly verified after the input ciphertext. Header data indicated by theaadLen
parameter are authenticated but not encrypted/decrypted, while payload data indicated by theinputLen
parameter are authenticated and encrypted/decrypted.Note: on encryption the
input
must have enough space afteroffset + aadLen + inputLength
to store the authentication tag. On decryption, the authentication tag is assumed to be in theinput
at that offset (i.e., after the payload data).- Parameters:
input
- The input/output bytesoffset
- The offset of the data in the input bufferaadLen
- The number of bytes to use as additional authenticated data - starting at offsetinputLen
- The number of bytes to update, starting at offset + aadLen; must be a multiple of the cipher's block size- Throws:
java.lang.Exception
- If failed to execute
-
checkSupported
static boolean checkSupported(java.lang.String xform, int keyLength)
- Parameters:
xform
- The full cipher transformation - e.g., AES/CBC/NoPadding - nevernull
/emptykeyLength
- The required key length in bits - always positive- Returns:
true
if the cipher transformation and required key length are supported- See Also:
Cipher.getMaxAllowedKeyLength(String)
-
-