package com.google.crypto.tink.subtle;
import com.google.crypto.tink.Aead;
import com.google.crypto.tink.HybridEncrypt;
import java.nio.ByteBuffer;
import java.security.GeneralSecurityException;
import java.security.interfaces.ECPublicKey;
public final class EciesAeadHkdfHybridEncrypt implements HybridEncrypt {
private static final byte[] EMPTY_AAD = new byte[0];
private final EciesHkdfSenderKem senderKem;
private final String hkdfHmacAlgo;
private final byte[] hkdfSalt;
private final EllipticCurves.PointFormatType ecPointFormat;
private final EciesAeadHkdfDemHelper demHelper;
public EciesAeadHkdfHybridEncrypt(
final ECPublicKey recipientPublicKey,
final byte[] hkdfSalt,
String hkdfHmacAlgo,
EllipticCurves.PointFormatType ecPointFormat,
EciesAeadHkdfDemHelper demHelper)
throws GeneralSecurityException {
EllipticCurves.checkPublicKey(recipientPublicKey);
this.senderKem = new EciesHkdfSenderKem(recipientPublicKey);
this.hkdfSalt = hkdfSalt;
this.hkdfHmacAlgo = hkdfHmacAlgo;
this.ecPointFormat = ecPointFormat;
this.demHelper = demHelper;
}
@Override
public byte[] encrypt(final byte[] plaintext, final byte[] contextInfo)
throws GeneralSecurityException {
EciesHkdfSenderKem.KemKey kemKey =
senderKem.generateKey(
hkdfHmacAlgo,
hkdfSalt,
contextInfo,
demHelper.getSymmetricKeySizeInBytes(),
ecPointFormat);
Aead aead = demHelper.getAead(kemKey.getSymmetricKey());
byte[] ciphertext = aead.encrypt(plaintext, EMPTY_AAD);
byte[] header = kemKey.getKemBytes();
return ByteBuffer.allocate(header.length + ciphertext.length)
.put(header)
.put(ciphertext)
.array();
}
}