Package: org.conscrypt
HpkeContextSender
public class HpkeContextSender extends org.conscrypt.HpkeContext
Hybrid Public Key Encryption (HPKE) sender APIs.
See:
HPKE RFC 9180
Sender subclass of HpkeContext. See base class for details.
Public Methods
getEncapsulated
public byte[] getEncapsulated()
Returns the encapsulated key created for this HpkeContextSender.
| Returns |
| byte[] |
the encapsulated key |
| Throws |
| IllegalStateException |
if this HpkeContextSender has not been initialised. |
seal
public byte[] seal(byte[] plaintext, byte[] aad)
Seals a message, using the internal key schedule maintained by this HpkeContextSender.
| Parameters |
| plaintext |
the plaintext |
| aad |
optional associated data, may be null or empty |
| Returns |
| byte[] |
the ciphertext |
| Throws |
| NullPointerException |
if the plaintext is null |
| IllegalStateException |
if this HpkeContextSender has not been initialised |
getInstance
public static HpkeContextSender getInstance(String suite) throws java.security.NoSuchAlgorithmException
Returns an uninitialised HpkeContextSender.
| Parameters |
| suite |
the HPKE suite to use. @see
HpkeSuite
for details. |
| Returns |
| org.conscrypt.HpkeContextSender |
an uninitialised HpkeContextSender for the requested suite |
| Throws |
| NoSuchAlgorithmException |
if no implementation could be found |
getInstance
public static HpkeContextSender getInstance(String suite, String providerName) throws java.security.NoSuchAlgorithmException, java.security.NoSuchProviderException
Returns an uninitialised HpkeContextSender from a specific
Provider
| Parameters |
| suite |
the HPKE suite to use. @see
HpkeSuite
for details. |
| providerName |
the name of the Provider to use |
| Returns |
| org.conscrypt.HpkeContextSender |
an uninitialised HpkeContextSender for the requested suite |
| Throws |
| NoSuchAlgorithmException |
if no implementation could be found |
| NoSuchProviderException |
if providerName is null or no such Provider exists |
getInstance
public static HpkeContextSender getInstance(String suite, Provider provider) throws java.security.NoSuchAlgorithmException, java.security.NoSuchProviderException
Returns an uninitialised HpkeContextSender from a specific
Provider
| Parameters |
| suite |
the HPKE suite to use. @see
HpkeSuite
for details. |
| provider |
the Provider to use |
| Returns |
| org.conscrypt.HpkeContextSender |
an uninitialised HpkeContextSender for the requested suite |
| Throws |
| NoSuchAlgorithmException |
if no implementation could be found |
| NoSuchProviderException |
if provider is null |
init
public void init(PublicKey recipientKey, byte[] info) throws java.security.InvalidKeyException
Initialises this HpkeContextSender in BASE mode, i.e. with no sender authentication.
| Parameters |
| recipientKey |
public key of the recipient |
| info |
additional application-supplied information, may be null or empty |
| Throws |
| InvalidKeyException |
if recipientKey is null or an unsupported key format |
| UnsupportedOperationException |
if mode is not a supported HPKE mode |
| IllegalStateException |
if this HpkeContextSender has already been initialised |
init
public void init(PublicKey recipientKey, byte[] info, PrivateKey senderKey) throws java.security.InvalidKeyException
Initialises this HpkeContextSender in AUTH mode, i.e. messages are authenticated using
the sender's public key.
| Parameters |
| recipientKey |
public key of the recipient |
| info |
additional application-supplied information, may be null or empty |
| senderKey |
private key of the sender |
| Throws |
| InvalidKeyException |
if either recipientKey or senderKey are null
or an unsupported key format |
| UnsupportedOperationException |
if mode is not a supported HPKE mode |
| IllegalStateException |
if this HpkeContextSender has already been initialised |
init
public void init(PublicKey recipientKey, byte[] info, byte[] psk, byte[] psk_id) throws java.security.InvalidKeyException
Initialises this HpkeContextSender in PSK mode, i.e. messages are authenticated using
a pre-shared secret key.
| Parameters |
| recipientKey |
public key of the recipient |
| info |
additional application-supplied information, may be null or empty |
| psk |
the a pre-shared secret key |
| psk_id |
the id of the pre-shared secret key |
| Throws |
| NullPointerException |
if psk or psk_id are null |
| InvalidKeyException |
if recipientKey is null or an unsupported key format |
| UnsupportedOperationException |
if mode is not a supported HPKE mode |
| IllegalStateException |
if this HpkeContextSender has already been initialised |
init
public void init(PublicKey recipientKey, byte[] info, PrivateKey senderKey, byte[] psk, byte[] psk_id) throws java.security.InvalidKeyException
Initialises this HpkeContextSender in PSK_AUTH mode, i.e. messages are authenticated using
both the sender's public key and a pre-shared secret key.
| Parameters |
| recipientKey |
public key of the recipient |
| info |
additional application-supplied information, may be null or empty |
| senderKey |
private key of the sender |
| psk |
the a pre-shared secret key |
| psk_id |
the id of the pre-shared secret key |
| Throws |
| NullPointerException |
if psk or psk_id are null |
| InvalidKeyException |
if either recipientKey or senderKey are null
or an unsupported key format |
| UnsupportedOperationException |
if mode is not a supported HPKE mode |
| IllegalStateException |
if this HpkeContextSender has already been initialised |