Package io.grpc.alts.internal
Class AltsChannelCrypter
- java.lang.Object
-
- io.grpc.alts.internal.AltsChannelCrypter
-
- All Implemented Interfaces:
ChannelCrypterNetty
final class AltsChannelCrypter extends java.lang.Object implements ChannelCrypterNetty
Performs encryption and decryption with AES-GCM using JCE. All methods are thread-compatible.
-
-
Field Summary
Fields Modifier and Type Field Description private AeadCrypter
aeadCrypter
private static int
COUNTER_LENGTH
private static int
COUNTER_OVERFLOW_LENGTH
private byte[]
inCounter
private static int
KEY_LENGTH
private byte[]
oldCounter
private byte[]
outCounter
private static int
TAG_LENGTH
-
Constructor Summary
Constructors Constructor Description AltsChannelCrypter(byte[] key, boolean isClient)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description void
decrypt(io.netty.buffer.ByteBuf out, io.netty.buffer.ByteBuf ciphertextAndTag)
Decrypt ciphertext into the given output buffer and check tag.void
decrypt(io.netty.buffer.ByteBuf out, io.netty.buffer.ByteBuf tag, java.util.List<io.netty.buffer.ByteBuf> ciphertextBufs)
Decrypt ciphertext into the given output buffer and check tag.void
destroy()
Must be called to release all associated resources (instance cannot be used afterwards).void
encrypt(io.netty.buffer.ByteBuf outBuf, java.util.List<io.netty.buffer.ByteBuf> plainBufs)
Encrypt plaintext into output buffer.(package private) static int
getCounterLength()
(package private) static int
getKeyLength()
int
getSuffixLength()
Returns the length of the tag in bytes.(package private) static void
incrementCounter(byte[] counter, byte[] oldCounter)
Incrementscounter
, store the unincremented value inoldCounter
.private byte[]
incrementInCounter()
Increments the input counter, returning the previous (unincremented) value.(package private) void
incrementInCounterForTesting(int n)
private byte[]
incrementOutCounter()
Increments the output counter, returning the previous (unincremented) value.(package private) void
incrementOutCounterForTesting(int n)
-
-
-
Field Detail
-
KEY_LENGTH
private static final int KEY_LENGTH
-
COUNTER_LENGTH
private static final int COUNTER_LENGTH
- See Also:
- Constant Field Values
-
COUNTER_OVERFLOW_LENGTH
private static final int COUNTER_OVERFLOW_LENGTH
- See Also:
- Constant Field Values
-
TAG_LENGTH
private static final int TAG_LENGTH
- See Also:
- Constant Field Values
-
aeadCrypter
private final AeadCrypter aeadCrypter
-
outCounter
private final byte[] outCounter
-
inCounter
private final byte[] inCounter
-
oldCounter
private final byte[] oldCounter
-
-
Method Detail
-
getKeyLength
static int getKeyLength()
-
getCounterLength
static int getCounterLength()
-
encrypt
public void encrypt(io.netty.buffer.ByteBuf outBuf, java.util.List<io.netty.buffer.ByteBuf> plainBufs) throws java.security.GeneralSecurityException
Description copied from interface:ChannelCrypterNetty
Encrypt plaintext into output buffer.- Specified by:
encrypt
in interfaceChannelCrypterNetty
- Parameters:
outBuf
- the protected input will be written into this buffer. The buffer must be direct and have enough space to hold all input buffers and the tag. Encrypt does not take ownership of this buffer.plainBufs
- the input buffers that should be protected. Encrypt does not modify or take ownership of these buffers.- Throws:
java.security.GeneralSecurityException
-
decrypt
public void decrypt(io.netty.buffer.ByteBuf out, io.netty.buffer.ByteBuf tag, java.util.List<io.netty.buffer.ByteBuf> ciphertextBufs) throws java.security.GeneralSecurityException
Description copied from interface:ChannelCrypterNetty
Decrypt ciphertext into the given output buffer and check tag.- Specified by:
decrypt
in interfaceChannelCrypterNetty
- Parameters:
out
- the unprotected input will be written into this buffer. The buffer must be direct and have enough space to hold all ciphertext buffers and the tag, i.e., it must have additional space for the tag, even though this space will be unused in the final result. Decrypt does not take ownership of this buffer.tag
- the tag appended to the ciphertext. Decrypt does not modify or take ownership of this buffer.ciphertextBufs
- the buffers that should be unprotected (excluding the tag). Decrypt does not modify or take ownership of these buffers.- Throws:
java.security.GeneralSecurityException
-
decrypt
public void decrypt(io.netty.buffer.ByteBuf out, io.netty.buffer.ByteBuf ciphertextAndTag) throws java.security.GeneralSecurityException
Description copied from interface:ChannelCrypterNetty
Decrypt ciphertext into the given output buffer and check tag.- Specified by:
decrypt
in interfaceChannelCrypterNetty
- Parameters:
out
- the unprotected input will be written into this buffer. The buffer must be direct and have enough space to hold all ciphertext buffers and the tag, i.e., it must have additional space for the tag, even though this space will be unused in the final result. Decrypt does not take ownership of this buffer.ciphertextAndTag
- single buffer containing ciphertext and tag that should be unprotected. The buffer must be direct and either completely overlap without
or not overlap at all.- Throws:
java.security.GeneralSecurityException
-
getSuffixLength
public int getSuffixLength()
Description copied from interface:ChannelCrypterNetty
Returns the length of the tag in bytes.- Specified by:
getSuffixLength
in interfaceChannelCrypterNetty
-
destroy
public void destroy()
Description copied from interface:ChannelCrypterNetty
Must be called to release all associated resources (instance cannot be used afterwards).- Specified by:
destroy
in interfaceChannelCrypterNetty
-
incrementCounter
static void incrementCounter(byte[] counter, byte[] oldCounter) throws java.security.GeneralSecurityException
Incrementscounter
, store the unincremented value inoldCounter
.- Throws:
java.security.GeneralSecurityException
-
incrementInCounter
private byte[] incrementInCounter() throws java.security.GeneralSecurityException
Increments the input counter, returning the previous (unincremented) value.- Throws:
java.security.GeneralSecurityException
-
incrementOutCounter
private byte[] incrementOutCounter() throws java.security.GeneralSecurityException
Increments the output counter, returning the previous (unincremented) value.- Throws:
java.security.GeneralSecurityException
-
incrementInCounterForTesting
void incrementInCounterForTesting(int n) throws java.security.GeneralSecurityException
- Throws:
java.security.GeneralSecurityException
-
incrementOutCounterForTesting
void incrementOutCounterForTesting(int n) throws java.security.GeneralSecurityException
- Throws:
java.security.GeneralSecurityException
-
-