public class HelixDecryption extends Object
This primitive can be used for decryption only, or for decryption-with-MAC-verification, based upon how the instance is constructed.
| Constructor and Description |
|---|
HelixDecryption(byte[] key,
byte[] nonce)
Creates a new HelixDecryption primitive using the specified key
and nonce.
|
HelixDecryption(byte[] key,
byte[] nonce,
byte[] expectedMac)
Creates a new HelixDecryption primitive using the specified key,
nonce, and expected MAC.
|
| Modifier and Type | Method and Description |
|---|---|
int |
bufferSize()
Returns the number of bytes that are currently buffered.
|
protected void |
doBlock(int word)
Applies a single Helix block to an input word.
|
byte[] |
feed(byte[] part)
Processes the next whole number of words (32-bit integers) from
part.
|
byte[] |
finish(byte[] cipherTextBytes)
Completes a Helix encryption/decryption operation.
|
byte[] |
getGeneratedMac()
Returns the MAC that was generated following a successful
encryption/decryption operation.
|
protected int |
nextStateWord()
Returns the next state word for use in the main encryption/decryption
loop.
|
protected int[] |
transformWords(int[] cipherTextWords,
int mask)
Performs the main encryption/decryption loop.
|
public HelixDecryption(byte[] key,
byte[] nonce)
A HelixDecryption primitive constructed in this way will
not perform MAC verification. However, the generated MAC is still
retrievable (via the getGeneratedMac() method) after the
successful completion of the decryption operation.
key - the Helix key (cannot exceed 32 bytes in length)nonce - the Helix nonce (must be exactly 16 bytes in length)public HelixDecryption(byte[] key,
byte[] nonce,
byte[] expectedMac)
A HelixDecryption primitive constructed in this way will verify the generated MAC against expectedMac on the successful completion of the decryption operation if expectedMac is not null.
key - the Helix key (cannot exceed 32 bytes in length)nonce - the Helix nonce (must be exactly 16 bytes in length)expectedMac - the Helix MAC that is expected to be generated after the
decryption operation completes successfully (or null
to bypass MAC verification)public byte[] finish(byte[] cipherTextBytes)
If this method completes successfully, the generated MAC can be retrieved
using the HelixPrimitive.getGeneratedMac() method.
All remaining bytes (buffered + part) are processed. Up to three zero-bytes of padding are added to the remaining bytes to ensure that there is a whole number of words to process. Any padded bytes are masked off when the operation is completed.
If this method completes successfully, the generated MAC can be retrieved
using the HelixPrimitive.getGeneratedMac() method.
finish in interface HelixPrimitivecipherTextBytes - the final group of ciphertext bytes to be decryptedMessageAuthenticationException - if this primitive was constructed with an expected MAC, and
MAC verification failsprotected int[] transformWords(int[] cipherTextWords,
int mask)
cipherTextWords - the next group of ciphertext words to bemask - a 32-bit integer used to mask off extra bytes (if any) on the
last group of ciphertext wordsprotected final int nextStateWord()
protected final void doBlock(int word)
word - a single word (32-bit integer) of plaintext or ciphertextpublic final byte[] feed(byte[] part)
Up to three bytes at the end of part may be buffered for the next call, in order to ensure that only a whole number of words are processed during this call.
feed in interface HelixPrimitivepart - the next sequence of bytes to be processed by this primitivepublic final int bufferSize()
bufferSize in interface HelixPrimitivepublic final byte[] getGeneratedMac()
getGeneratedMac in interface HelixPrimitiveIllegalStateException - if the encryption/decryption operation has not completed
successfullyCopyright © 2010-2015 Matthew Zipay. All Rights Reserved.