net.ninthtest.crypto.helix
Class HelixDecryption

java.lang.Object
  extended by net.ninthtest.crypto.helix.HelixDecryption
All Implemented Interfaces:
HelixPrimitive

public class HelixDecryption
extends Object

A Helix primitive for a single decryption operation.

This primitive can be used for decryption only, or for decryption-with-MAC-verification, based upon how the instance is constructed.

Version:
1.0
Author:
Matthew Zipay (mattz@ninthtest.info)

Constructor Summary
HelixDecryption(byte[] key, byte[] nonce)
          Creates a new HelixDecryption primitive using the specified key and nonce.
HelixDecryption(byte[] key, byte[] nonce, byte[] expectedMac)
          Creates a new HelixDecryption primitive using the specified key, nonce, and expected MAC.
 
Method Summary
 int bufferSize()
          Returns the number of bytes that are currently buffered.
protected  void doBlock(int word)
          Applies a single Helix block to an input word.
 byte[] feed(byte[] part)
          Processes the next whole number of words (32-bit integers) from part.
 byte[] finish(byte[] cipherTextBytes)
          Completes a Helix encryption/decryption operation.
 byte[] getGeneratedMac()
          Returns the MAC that was generated following a successful encryption/decryption operation.
protected  int nextStateWord()
          Returns the next state word for use in the main encryption/decryption loop.
protected  int[] transformWords(int[] cipherTextWords, int mask)
          Performs the main encryption/decryption loop.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

HelixDecryption

public HelixDecryption(byte[] key,
                       byte[] nonce)
Creates a new HelixDecryption primitive using the specified key and nonce.

A HelixDecryption primitive constructed in this way will not perform MAC verification. However, the generated MAC is still retrievable (via the getGeneratedMac() method) after the successful completion of the decryption operation.

Parameters:
key - the Helix key (cannot exceed 32 bytes in length)
nonce - the Helix nonce (must be exactly 16 bytes in length)

HelixDecryption

public HelixDecryption(byte[] key,
                       byte[] nonce,
                       byte[] expectedMac)
Creates a new HelixDecryption primitive using the specified key, nonce, and expected MAC.

A HelixDecryption primitive constructed in this way will verify the generated MAC against expectedMac on the successful completion of the decryption operation if expectedMac is not null.

Parameters:
key - the Helix key (cannot exceed 32 bytes in length)
nonce - the Helix nonce (must be exactly 16 bytes in length)
expectedMac - the Helix MAC that is expected to be generated after the decryption operation completes successfully (or null to bypass MAC verification)
Method Detail

finish

public byte[] finish(byte[] cipherTextBytes)
Completes a Helix encryption/decryption operation.

If this method completes successfully, the generated MAC can be retrieved using the HelixPrimitive.getGeneratedMac() method.

All remaining bytes (buffered + part) are processed. Up to three zero-bytes of padding are added to the remaining bytes to ensure that there is a whole number of words to process. Any padded bytes are masked off when the operation is completed.

If this method completes successfully, the generated MAC can be retrieved using the HelixPrimitive.getGeneratedMac() method.

Specified by:
finish in interface HelixPrimitive
Parameters:
cipherTextBytes - the final group of ciphertext bytes to be decrypted
Returns:
the final group of decrypted (plaintext) bytes
Throws:
MessageAuthenticationException - if this primitive was constructed with an expected MAC, and MAC verification fails

transformWords

protected int[] transformWords(int[] cipherTextWords,
                               int mask)
Performs the main encryption/decryption loop.

Parameters:
cipherTextWords - the next group of ciphertext words to be
mask - a 32-bit integer used to mask off extra bytes (if any) on the last group of ciphertext words
Returns:
the decrypted words (plaintext)

nextStateWord

protected final int nextStateWord()
Returns the next state word for use in the main encryption/decryption loop.

Returns:
the state word Z[0].

doBlock

protected final void doBlock(int word)
Applies a single Helix block to an input word.

Parameters:
word - a single word (32-bit integer) of plaintext or ciphertext

feed

public final byte[] feed(byte[] part)
Processes the next whole number of words (32-bit integers) from part.

Up to three bytes at the end of part may be buffered for the next call, in order to ensure that only a whole number of words are processed during this call.

Specified by:
feed in interface HelixPrimitive
Parameters:
part - the next sequence of bytes to be processed by this primitive
Returns:
an array of bytes representing plaintext or ciphertext, depending on the operation mode of this primitive

bufferSize

public final int bufferSize()
Returns the number of bytes that are currently buffered.

Specified by:
bufferSize in interface HelixPrimitive
Returns:
an integer in the range [0..3]

getGeneratedMac

public final byte[] getGeneratedMac()
Returns the MAC that was generated following a successful encryption/decryption operation.

Specified by:
getGeneratedMac in interface HelixPrimitive
Returns:
the generated MAC bytes
Throws:
IllegalStateException - if the encryption/decryption operation has not completed successfully


Copyright © 2010-2014 Matthew Zipay. All Rights Reserved.