public interface Aead
Implementations of this interface are secure against adaptive chosen ciphertext attacks. Encryption with associated data ensures authenticity (who the sender is) and integrity (the data has not been tampered with) of that data, but not its secrecy. (see RFC 5116 for more info)
| Modifier and Type | Method and Description |
|---|---|
byte[] |
decrypt(byte[] ciphertext,
byte[] associatedData)
Decrypts
ciphertext with associatedData as associated authenticated data. |
byte[] |
encrypt(byte[] plaintext,
byte[] associatedData)
Encrypts
plaintext with associatedData as associated authenticated data. |
byte[] encrypt(byte[] plaintext,
byte[] associatedData)
throws GeneralSecurityException
plaintext with associatedData as associated authenticated data.
The resulting ciphertext allows for checking authenticity and integrity of associated data
(associatedData), but does not guarantee its secrecy.plaintext - the plaintext to be encrypted. It must be non-null, but can also
be an empty (zero-length) byte arrayassociatedData - associated data to be authenticated, but not encrypted. Associated data
is optional, so this parameter can be null. In this case the null value
is equivalent to an empty (zero-length) byte array.
For successful decryption the same associatedData must be provided
along with the ciphertext.GeneralSecurityExceptionbyte[] decrypt(byte[] ciphertext,
byte[] associatedData)
throws GeneralSecurityException
ciphertext with associatedData as associated authenticated data.
The decryption verifies the authenticity and integrity of the associated data, but there are
no guarantees wrt. secrecy of that data.ciphertext - the plaintext to be decrypted. It must be non-null.associatedData - associated data to be authenticated. For successful decryption
it must be the same as associatedData used during encryption.
Can be null, which is equivalent to an empty (zero-length) byte array.GeneralSecurityException