• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright 2017 Google Inc.
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 //      http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 //
15 ////////////////////////////////////////////////////////////////////////////////
16 
17 package com.google.crypto.tink.subtle;
18 
19 import java.nio.ByteBuffer;
20 import java.security.GeneralSecurityException;
21 
22 /**
23  * StreamSegmentEncrypter is a helper class that encrypts individual segments of a stream.
24  *
25  * <p>Instances of this interfaces are passed to ...EncryptingChannel. Each instance of a segment
26  * encrypter is used to encrypt one stream. Typically, constructing a new StreamSegmentEncrypter
27  * results in the generation of a new symmetric key. This new symmetric key is used to encrypt the
28  * segments of the stream. The key itself wrapped with or derived from the key from StreamingAead
29  * instance. The wrapped key or the salt used to derive the symmetric key is part of the header.
30  *
31  * <p>A StreamSegmentEncrypter has a state: it keeps the number of segments encrypted so far. This
32  * state is used to encrypt each segment with different parameters, so that segments in the
33  * ciphertext cannot be switched.
34  *
35  * @since 1.1.0
36  */
37 public interface StreamSegmentEncrypter {
38 
39   /**
40    * Returns the header of the ciphertext stream.
41    */
getHeader()42   ByteBuffer getHeader();
43 
44   /**
45    * Encrypts the next plaintext segment.
46    * This uses encryptedSegments as the segment number for the encryption.
47    */
encryptSegment( ByteBuffer plaintext, boolean isLastSegment, ByteBuffer ciphertext)48   void encryptSegment(
49       ByteBuffer plaintext,
50       boolean isLastSegment,
51       ByteBuffer ciphertext)
52       throws GeneralSecurityException;
53 
54   /**
55    * Encrypt a segment consisting of two parts.
56    * This method simplifies the case where one part of the plaintext is buffered and the other part
57    * is passed in by the caller.
58    */
encryptSegment( ByteBuffer part1, ByteBuffer part2, boolean isLastSegment, ByteBuffer ciphertext)59   void encryptSegment(
60         ByteBuffer part1,
61         ByteBuffer part2,
62         boolean isLastSegment,
63         ByteBuffer ciphertext)
64         throws GeneralSecurityException;
65 }
66 
67