A cryptographic algorithm that performs Authenticated encryption with additional data . Per JWE RFC 7516, Section 4.1.2 , all JWEs MUST use an AEAD algo
| 66 | * @since 0.12.0 |
| 67 | */ |
| 68 | public interface AeadAlgorithm extends Identifiable, KeyLengthSupplier, KeyBuilderSupplier<SecretKey, SecretKeyBuilder> { |
| 69 | |
| 70 | /** |
| 71 | * Encrypts plaintext and signs any {@link AeadRequest#getAssociatedData() associated data}, placing the resulting |
| 72 | * ciphertext, initialization vector and authentication tag in the provided {@code result}. |
| 73 | * |
| 74 | * @param req the encryption request representing the plaintext to be encrypted, any additional |
| 75 | * integrity-protected data and the encryption key. |
| 76 | * @param res the result to write ciphertext, initialization vector and AAD authentication tag (aka digest) |
| 77 | * @throws SecurityException if there is an encryption problem or AAD authenticity cannot be guaranteed. |
| 78 | */ |
| 79 | void encrypt(AeadRequest req, AeadResult res) throws SecurityException; |
| 80 | |
| 81 | /** |
| 82 | * Decrypts ciphertext and authenticates any {@link DecryptAeadRequest#getAssociatedData() associated data}, |
| 83 | * writing the decrypted plaintext to the provided {@code out}put stream. |
| 84 | * |
| 85 | * @param request the decryption request representing the ciphertext to be decrypted, any additional |
| 86 | * integrity-protected data, authentication tag, initialization vector, and decryption key |
| 87 | * @param out the OutputStream for writing decrypted plaintext |
| 88 | * @throws SecurityException if there is a decryption problem or authenticity assertions fail. |
| 89 | */ |
| 90 | void decrypt(DecryptAeadRequest request, OutputStream out) throws SecurityException; |
| 91 | } |
no outgoing calls
no test coverage detected
searching dependent graphs…