org.bouncycastle.crypto.hpke
Class HPKEContext
java.lang.Object
org.bouncycastle.crypto.hpke.HPKEContext
- Direct Known Subclasses:
- HPKEContextWithEncapsulation
- public class HPKEContext
- extends java.lang.Object
An HPKE encryption / decryption context produced by one of the
(recipient) factory methods, or — via the
HPKEContextWithEncapsulation subclass — by one of the
(sender) factories.
The context is stateful: each seal(byte[], byte[]) /
open(byte[], byte[]) call advances an internal sequence number that
is XOR-mixed into the AEAD nonce per RFC 9180 §5.2, allowing a single
context to encrypt or decrypt many messages in order without nonce reuse.
export(byte[], int) derives auxiliary key material from the
exporter secret and is deterministic — repeated calls with the same
return the same bytes.
Senders should use HPKEContextWithEncapsulation.getEncapsulation()
to obtain the octet string that must be transmitted alongside
the first ciphertext so the receiver can run the matching .
|
Method Summary |
byte[] |
expand(byte[] prk,
byte[] info,
int L)
|
byte[] |
export(byte[] exportContext,
int L)
|
byte[] |
extract(byte[] salt,
byte[] ikm)
|
byte[] |
open(byte[] aad,
byte[] ct)
|
byte[] |
open(byte[] aad,
byte[] ct,
int ctOffset,
int ctLength)
|
byte[] |
seal(byte[] aad,
byte[] message)
|
byte[] |
seal(byte[] aad,
byte[] pt,
int ptOffset,
int ptLength)
|
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
aead
protected final AEAD aead
hkdf
protected final org.bouncycastle.crypto.hpke.HKDF hkdf
exporterSecret
protected final byte[] exporterSecret
suiteId
protected final byte[] suiteId
export
public byte[] export(byte[] exportContext,
int L)
seal
public byte[] seal(byte[] aad,
byte[] message)
throws InvalidCipherTextException
- Throws:
InvalidCipherTextException
seal
public byte[] seal(byte[] aad,
byte[] pt,
int ptOffset,
int ptLength)
throws InvalidCipherTextException
- Throws:
InvalidCipherTextException
open
public byte[] open(byte[] aad,
byte[] ct)
throws InvalidCipherTextException
- Throws:
InvalidCipherTextException
open
public byte[] open(byte[] aad,
byte[] ct,
int ctOffset,
int ctLength)
throws InvalidCipherTextException
- Throws:
InvalidCipherTextException
extract
public byte[] extract(byte[] salt,
byte[] ikm)
expand
public byte[] expand(byte[] prk,
byte[] info,
int L)