Bouncy Castle Cryptography Library 1.85

org.bouncycastle.crypto.hpke
Class HPKEContext

java.lang.Object
  extended byorg.bouncycastle.crypto.hpke.HPKEContext
Direct Known Subclasses:
HPKEContextWithEncapsulation

public class HPKEContext
extends java.lang.Object

An HPKE encryption / decryption context produced by one of the (recipient) factory methods, or — via the HPKEContextWithEncapsulation subclass — by one of the (sender) factories.

The context is stateful: each seal(byte[], byte[]) / open(byte[], byte[]) call advances an internal sequence number that is XOR-mixed into the AEAD nonce per RFC 9180 §5.2, allowing a single context to encrypt or decrypt many messages in order without nonce reuse. export(byte[], int) derives auxiliary key material from the exporter secret and is deterministic — repeated calls with the same return the same bytes.

Senders should use HPKEContextWithEncapsulation.getEncapsulation() to obtain the octet string that must be transmitted alongside the first ciphertext so the receiver can run the matching .


Field Summary
protected  AEAD aead
           
protected  byte[] exporterSecret
           
protected  org.bouncycastle.crypto.hpke.HKDF hkdf
           
protected  byte[] suiteId
           
 
Method Summary
 byte[] expand(byte[] prk, byte[] info, int L)
           
 byte[] export(byte[] exportContext, int L)
           
 byte[] extract(byte[] salt, byte[] ikm)
           
 byte[] open(byte[] aad, byte[] ct)
           
 byte[] open(byte[] aad, byte[] ct, int ctOffset, int ctLength)
           
 byte[] seal(byte[] aad, byte[] message)
           
 byte[] seal(byte[] aad, byte[] pt, int ptOffset, int ptLength)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

aead

protected final AEAD aead

hkdf

protected final org.bouncycastle.crypto.hpke.HKDF hkdf

exporterSecret

protected final byte[] exporterSecret

suiteId

protected final byte[] suiteId
Method Detail

export

public byte[] export(byte[] exportContext,
                     int L)

seal

public byte[] seal(byte[] aad,
                   byte[] message)
            throws InvalidCipherTextException
Throws:
InvalidCipherTextException

seal

public byte[] seal(byte[] aad,
                   byte[] pt,
                   int ptOffset,
                   int ptLength)
            throws InvalidCipherTextException
Throws:
InvalidCipherTextException

open

public byte[] open(byte[] aad,
                   byte[] ct)
            throws InvalidCipherTextException
Throws:
InvalidCipherTextException

open

public byte[] open(byte[] aad,
                   byte[] ct,
                   int ctOffset,
                   int ctLength)
            throws InvalidCipherTextException
Throws:
InvalidCipherTextException

extract

public byte[] extract(byte[] salt,
                      byte[] ikm)

expand

public byte[] expand(byte[] prk,
                     byte[] info,
                     int L)

Bouncy Castle Cryptography Library 1.85