All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.bouncycastle.tls.crypto.TlsCipher Maven / Gradle / Ivy

package org.bouncycastle.tls.crypto;

import java.io.IOException;

import org.bouncycastle.tls.ProtocolVersion;

/**
 * Base interface for a TLS cipher suite.
 */
public interface TlsCipher
{
    /**
     * Return the maximum input size for a ciphertext given a maximum output size for the plaintext
     * of plaintextLimit bytes.
     * 
     * @param plaintextLimit
     *            the maximum output size for the plaintext.
     * @return the maximum input size of the ciphertext for plaintextlimit bytes of output.
     */
    int getCiphertextDecodeLimit(int plaintextLimit);

    /**
     * Return the maximum output size for a ciphertext given an actual input plaintext size of
     * plaintextLength bytes and a maximum input plaintext size of plaintextLimit bytes.
     * 
     * @param plaintextLength
     *            the actual input size for the plaintext.
     * @param plaintextLimit
     *            the maximum input size for the plaintext.
     * @return the maximum output size of the ciphertext for plaintextlimit bytes of input.
     */
    int getCiphertextEncodeLimit(int plaintextLength, int plaintextLimit);

    /**
     * Return the maximum size for the plaintext given ciphertextlimit bytes of ciphertext.
     * @param ciphertextLimit the maximum number of bytes of ciphertext.
     * @return the maximum size of the plaintext for ciphertextlimit bytes of input.
     */
    int getPlaintextLimit(int ciphertextLimit);

    /**
     * Encrypt and MAC the passed in plain text using the current cipher suite.
     *
     * @param seqNo sequence number of the message represented by plaintext.
     * @param contentType content type of the message represented by plaintext.
     * @param recordVersion {@link ProtocolVersion} used for the record.
     * @param headerAllocation extra bytes to allocate at start of returned byte array.
     * @param plaintext array holding input plain text to the cipher.
     * @param offset offset into input array the plain text starts at.
     * @param len length of the plaintext in the array.
     * @return A {@link TlsEncodeResult} containing the result of encoding (after 'headerAllocation' unused bytes).
     * @throws IOException
     */
    TlsEncodeResult encodePlaintext(long seqNo, short contentType, ProtocolVersion recordVersion, int headerAllocation,
        byte[] plaintext, int offset, int len) throws IOException;

    /**
     * Validate and decrypt the passed in cipher text using the current cipher suite.
     *
     * @param seqNo sequence number of the message represented by ciphertext.
     * @param recordType content type used in the record for this message.
     * @param recordVersion {@link ProtocolVersion} used for the record.
     * @param ciphertext  array holding input cipher text to the cipher.
     * @param offset offset into input array the cipher text starts at.
     * @param len length of the cipher text in the array.
     * @return A {@link TlsDecodeResult} containing the result of decoding.
     * @throws IOException
     */
    TlsDecodeResult decodeCiphertext(long seqNo, short recordType, ProtocolVersion recordVersion, byte[] ciphertext,
        int offset, int len) throws IOException;

    void rekeyDecoder() throws IOException;

    void rekeyEncoder() throws IOException;

    boolean usesOpaqueRecordType();
}




© 2015 - 2025 Weber Informatics LLC | Privacy Policy