org.bouncycastle.tls.crypto.TlsCipher Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of impersonator Show documentation
Show all versions of impersonator Show documentation
Spoof TLS/JA3/JA4 and HTTP/2 fingerprints in Java
package org.bouncycastle.tls.crypto;
import java.io.IOException;
import org.bouncycastle.tls.ProtocolVersion;
/**
* Base interface for a TLS bulk cipher.
*/
public interface TlsCipher
{
/**
* Return the maximum input size for a ciphertext given a maximum output size for the plaintext
* of plaintextLimit bytes.
*
* @param plaintextLimit
* the maximum output size for the plaintext.
* @return the maximum input size of the ciphertext for plaintextLimit bytes of output.
*/
int getCiphertextDecodeLimit(int plaintextLimit);
/**
* Return the maximum output size for a ciphertext given a maximum input size for the plaintext of
* plaintextLimit bytes.
*
* @param plaintextLimit
* the maximum input size for the plaintext.
* @return the maximum output size of the ciphertext for plaintextLimit bytes of input.
*/
int getCiphertextEncodeLimit(int plaintextLimit);
/**
* Return the maximum output size for the plaintext given a maximum input size for the ciphertext of
* ciphertextLimit bytes.
* @param ciphertextLimit the maximum input size for the ciphertext.
* @return the maximum output size of the plaintext for ciphertextLimit bytes of input.
*/
int getPlaintextDecodeLimit(int ciphertextLimit);
/**
* Return the maximum input size for the plaintext given a maximum output size for the ciphertext of
* ciphertextLimit bytes.
* @param ciphertextLimit the maximum output size for the ciphertext.
* @return the maximum input size of the plaintext for ciphertextLimit bytes of output.
*/
int getPlaintextEncodeLimit(int ciphertextLimit);
/**
* Encode the passed in plaintext using the current bulk cipher.
*
* @param seqNo sequence number of the message represented by plaintext.
* @param contentType content type of the message represented by plaintext.
* @param recordVersion {@link ProtocolVersion} used for the record.
* @param headerAllocation extra bytes to allocate at start of returned byte array.
* @param plaintext array holding input plaintext to the cipher.
* @param offset offset into input array the plaintext starts at.
* @param len length of the plaintext in the array.
* @return A {@link TlsEncodeResult} containing the result of encoding (after 'headerAllocation' unused bytes).
* @throws IOException
*/
// TODO[api] Add a parameter for how much (D)TLSInnerPlaintext padding to add
TlsEncodeResult encodePlaintext(long seqNo, short contentType, ProtocolVersion recordVersion, int headerAllocation,
byte[] plaintext, int offset, int len) throws IOException;
/**
* Decode the passed in ciphertext using the current bulk cipher.
*
* @param seqNo sequence number of the message represented by ciphertext.
* @param recordType content type used in the record for this message.
* @param recordVersion {@link ProtocolVersion} used for the record.
* @param ciphertext array holding input ciphertext to the cipher.
* @param offset offset into input array the ciphertext starts at.
* @param len length of the ciphertext in the array.
* @return A {@link TlsDecodeResult} containing the result of decoding.
* @throws IOException
*/
TlsDecodeResult decodeCiphertext(long seqNo, short recordType, ProtocolVersion recordVersion, byte[] ciphertext,
int offset, int len) throws IOException;
void rekeyDecoder() throws IOException;
void rekeyEncoder() throws IOException;
boolean usesOpaqueRecordTypeDecode();
boolean usesOpaqueRecordTypeEncode();
}