Class KeyBackupCrypto
- java.lang.Object
-
- org.magmacollective.darkcrystal.keybackup.crypto.KeyBackupCrypto
-
public class KeyBackupCrypto extends java.lang.Object
Crypto methods for Dark Crystal Distributed Key Backup
-
-
Field Summary
Fields Modifier and Type Field Description static int
BLAKE2B_BYTES
static int
CURVE25519_PUBLIC_KEY_BYTES
static int
CURVE25519_SECRET_KEY_BYTES
static int
MAC_BYTES
static int
NONCE_BYTES
static int
SYMMETRIC_KEY_BYTES
-
Constructor Summary
Constructors Constructor Description KeyBackupCrypto()
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static byte[]
blake2b(byte[] message)
32 byte Blake2b hash without keystatic byte[]
blake2b(byte[] message, byte[] key)
32 byte Blake2b keyed hashstatic byte[]
box(byte[] message, org.whispersystems.curve25519.Curve25519KeyPair keypair, byte[] recipientPublicKey)
encrypt a message to the given recipientstatic byte[]
box(byte[] message, org.whispersystems.curve25519.Curve25519KeyPair keypair, byte[] recipientPublicKey, byte[] contextData)
encrypt a message to the given recipient, with additional contextual datastatic byte[]
byteArrayConcat(byte[] array1, byte[] array2)
Concatonate two byte arraysstatic byte[]
calculateAgreement(byte[] publicKey, byte[] privateKey)
Calculate a DH agreementstatic byte[]
decrypt(byte[] ciphertextWithNonce, byte[] key)
Attempt to decrypt a message with a given symmetric keystatic byte[]
encrypt(byte[] message, byte[] key)
encrypt a message with the given symmetric keystatic byte[]
fromBase64String(java.lang.String input)
Convencience method to convert a Base64 encoded string to a byte arraystatic byte[]
fromHexString(java.lang.String input)
Convenience method to convert a hexadecimal encoded string to a byte arraystatic org.whispersystems.curve25519.Curve25519KeyPair
generateCurve25519Keypair()
Generates a Curve25519 keypairstatic byte[]
generateNonce()
Generate a random noncestatic byte[]
generateSymmetricKey()
Generate a random keystatic byte[]
oneWayBox(byte[] message, byte[] recipientPublicKey)
Encrypt a message to the given recipient using an ephemeral keypair, and attach the ephemeral public key to the message, so that it can be decrypted by the recipient without revealing who it is from.static byte[]
oneWayUnbox(byte[] ciphertextWithKey, org.whispersystems.curve25519.Curve25519KeyPair keyPair)
Decrypt a message encrypted with 'oneWayBox'static byte[]
secretBox(byte[] message, byte[] key, byte[] nonce)
Encrypt a message with a given symmetric key and noncestatic byte[]
secretUnbox(byte[] key, byte[] nonce, byte[] ciphertext)
Decrypt a message with the given symmetric key and noncestatic java.lang.String
toBase64String(byte[] input)
Convenience method to encode a byte array to a Base64 encoded stringstatic java.lang.String
toHexString(byte[] input)
Convenience method to encode a byte array to a hexadecimal stringstatic byte[]
unbox(byte[] ciphertext, org.whispersystems.curve25519.Curve25519KeyPair keypair, byte[] senderPublicKey)
decrypt a message from a given senderstatic byte[]
unbox(byte[] ciphertext, org.whispersystems.curve25519.Curve25519KeyPair keypair, byte[] senderPublicKey, byte[] contextData)
decrypt a message from a given sender, with additional contextual data
-
-
-
Field Detail
-
SYMMETRIC_KEY_BYTES
public static final int SYMMETRIC_KEY_BYTES
- See Also:
- Constant Field Values
-
NONCE_BYTES
public static final int NONCE_BYTES
- See Also:
- Constant Field Values
-
MAC_BYTES
public static final int MAC_BYTES
- See Also:
- Constant Field Values
-
BLAKE2B_BYTES
public static final int BLAKE2B_BYTES
- See Also:
- Constant Field Values
-
CURVE25519_PUBLIC_KEY_BYTES
public static final int CURVE25519_PUBLIC_KEY_BYTES
- See Also:
- Constant Field Values
-
CURVE25519_SECRET_KEY_BYTES
public static final int CURVE25519_SECRET_KEY_BYTES
- See Also:
- Constant Field Values
-
-
Method Detail
-
generateCurve25519Keypair
public static org.whispersystems.curve25519.Curve25519KeyPair generateCurve25519Keypair()
Generates a Curve25519 keypair- Returns:
- the keypair object
-
calculateAgreement
public static byte[] calculateAgreement(byte[] publicKey, byte[] privateKey)
Calculate a DH agreement- Parameters:
publicKey
-privateKey
-- Returns:
- the shared secret
-
blake2b
public static byte[] blake2b(byte[] message)
32 byte Blake2b hash without key- Parameters:
message
-- Returns:
- 32 byte hash
-
blake2b
public static byte[] blake2b(byte[] message, byte[] key)
32 byte Blake2b keyed hash- Parameters:
message
-key
-- Returns:
- 32 byte hash
-
box
public static byte[] box(byte[] message, org.whispersystems.curve25519.Curve25519KeyPair keypair, byte[] recipientPublicKey)
encrypt a message to the given recipient- Parameters:
message
-keypair
- your own Curve25519 keypairrecipientPublicKey
-- Returns:
- the ciphertext containing integrated MAC
-
box
public static byte[] box(byte[] message, org.whispersystems.curve25519.Curve25519KeyPair keypair, byte[] recipientPublicKey, byte[] contextData)
encrypt a message to the given recipient, with additional contextual data- Parameters:
message
-keypair
- your own Curve25519 keypairrecipientPublicKey
-contextData
- additional contextual data known by both parties- Returns:
- the ciphertext containing integrated MAC
-
unbox
public static byte[] unbox(byte[] ciphertext, org.whispersystems.curve25519.Curve25519KeyPair keypair, byte[] senderPublicKey) throws java.security.GeneralSecurityException
decrypt a message from a given sender- Parameters:
ciphertext
- the ciphertext with integrated MACkeypair
- your own curve25519 keypairsenderPublicKey
-- Returns:
- plaintext message
- Throws:
java.security.GeneralSecurityException
-
unbox
public static byte[] unbox(byte[] ciphertext, org.whispersystems.curve25519.Curve25519KeyPair keypair, byte[] senderPublicKey, byte[] contextData) throws java.security.GeneralSecurityException
decrypt a message from a given sender, with additional contextual data- Parameters:
ciphertext
- the ciphertext with integrated MACkeypair
- your own curve25519 keypairsenderPublicKey
-contextData
- additional contextual data known by both parties- Returns:
- plaintext message
- Throws:
java.security.GeneralSecurityException
-
generateSymmetricKey
public static byte[] generateSymmetricKey()
Generate a random key- Returns:
- a 32 byte key
-
generateNonce
public static byte[] generateNonce()
Generate a random nonce- Returns:
- a 24 byte nonce
-
encrypt
public static byte[] encrypt(byte[] message, byte[] key)
encrypt a message with the given symmetric key- Parameters:
message
-key
-- Returns:
- the ciphertext with integrated MAC and nonce
-
decrypt
public static byte[] decrypt(byte[] ciphertextWithNonce, byte[] key) throws java.security.GeneralSecurityException
Attempt to decrypt a message with a given symmetric key- Parameters:
ciphertextWithNonce
- ciphertext with integrated MAC and noncekey
-- Returns:
- either the plaintext or
- Throws:
java.security.GeneralSecurityException
-
secretBox
public static byte[] secretBox(byte[] message, byte[] key, byte[] nonce)
Encrypt a message with a given symmetric key and nonce- Parameters:
message
-key
-nonce
-- Returns:
- ciphertext with integrated MAC
-
secretUnbox
public static byte[] secretUnbox(byte[] key, byte[] nonce, byte[] ciphertext) throws java.security.GeneralSecurityException
Decrypt a message with the given symmetric key and nonce- Parameters:
key
-nonce
-ciphertext
-- Returns:
- either plaintext or
- Throws:
java.security.GeneralSecurityException
-
byteArrayConcat
public static byte[] byteArrayConcat(byte[] array1, byte[] array2)
Concatonate two byte arrays- Parameters:
array1
-array2
-- Returns:
- array1 concatonated with array2
-
oneWayBox
public static byte[] oneWayBox(byte[] message, byte[] recipientPublicKey)
Encrypt a message to the given recipient using an ephemeral keypair, and attach the ephemeral public key to the message, so that it can be decrypted by the recipient without revealing who it is from.- Parameters:
message
-recipientPublicKey
-- Returns:
- ciphertext including ephemeral public key, nonce and MAC
-
oneWayUnbox
public static byte[] oneWayUnbox(byte[] ciphertextWithKey, org.whispersystems.curve25519.Curve25519KeyPair keyPair) throws java.security.GeneralSecurityException
Decrypt a message encrypted with 'oneWayBox'- Parameters:
ciphertextWithKey
-keyPair
- of recipient- Returns:
- plaintext
- Throws:
java.security.GeneralSecurityException
-
toHexString
public static java.lang.String toHexString(byte[] input)
Convenience method to encode a byte array to a hexadecimal string- Parameters:
input
- a byte array- Returns:
- a hexadecimal encoded string
-
fromHexString
public static byte[] fromHexString(java.lang.String input)
Convenience method to convert a hexadecimal encoded string to a byte array- Parameters:
input
- a hexadecimal encoded string- Returns:
- a byte array
-
toBase64String
public static java.lang.String toBase64String(byte[] input)
Convenience method to encode a byte array to a Base64 encoded string- Parameters:
input
- a byte array- Returns:
- a Base64 encoded string
-
fromBase64String
public static byte[] fromBase64String(java.lang.String input)
Convencience method to convert a Base64 encoded string to a byte array- Parameters:
input
- a Base64 encoded string- Returns:
- a byte array
-
-