Package io.fluxcapacitor.common.encryption

Class ChaCha20Poly1305Encryption

java.lang.Object
io.fluxcapacitor.common.encryption.ChaCha20Poly1305Encryption
All Implemented Interfaces:
Encryption
public class ChaCha20Poly1305Encryption extends Object implements Encryption
Implementation of Encryption using the ChaCha20-Poly1305 authenticated encryption algorithm.

This class provides secure, fast, and cross-platform compatible encryption and decryption for String values using the ChaCha20-Poly1305 AEAD cipher. The ChaCha20 stream cipher paired with the Poly1305 MAC ensures both confidentiality and integrity.

Key Characteristics:

  • Uses a 256-bit symmetric key.
  • Each encryption operation uses a unique 96-bit (12-byte) random nonce.
  • The output is Base64-encoded and formatted as: nonce:ciphertext:tag
  • Compatible with other ChaCha20-Poly1305 implementations across platforms.
  • Tag length is fixed at 16 bytes.

Usage:

Instances can be constructed directly or via DefaultEncryption, which wraps this implementation and adds encryption metadata (e.g., algorithm prefix).

Notes:

This implementation is adapted from: https://github.com/java-crypto/cross_platform_crypto.

See Also:

  • Field Details

  • Constructor Details

    • ChaCha20Poly1305Encryption

      public ChaCha20Poly1305Encryption()

    • ChaCha20Poly1305Encryption

      public ChaCha20Poly1305Encryption(String encryptionKey)

  • Method Details

    • encrypt

      public String encrypt(String value)
      Description copied from interface: Encryption
      Encrypts the given plain-text value using the configured encryption algorithm and key.
      Specified by:
      encrypt in interface Encryption
      Parameters:
      value - the plain-text value to encrypt
      Returns:
      the encrypted form of the input value

    • decrypt

      public String decrypt(String value)
      Description copied from interface: Encryption
      Decrypts the given encrypted value.

      This method assumes that the input is a properly formatted encrypted value produced by the corresponding Encryption.encrypt(String) method.

      Specified by:
      decrypt in interface Encryption
      Parameters:
      value - the encrypted string to decrypt
      Returns:
      the decrypted plain-text value

    • getAlgorithm

      public String getAlgorithm()
      Description copied from interface: Encryption
      Returns the name or identifier of the encryption algorithm used.
      Specified by:
      getAlgorithm in interface Encryption
      Returns:
      the name of the algorithm (e.g., "AES", "RSA", "noop")

    • getEncryptionKey

      public String getEncryptionKey()
      Description copied from interface: Encryption
      Returns the encryption key used by this implementation.
      Specified by:
      getEncryptionKey in interface Encryption
      Returns:
      the configured key for encryption/decryption, usually a secret or secret reference

    • isEncrypted

      public boolean isEncrypted(String value)
      Description copied from interface: Encryption
      Returns true if the given value is considered encrypted by this implementation.

      Useful for avoiding double-encryption or determining if decryption is required.

      Specified by:
      isEncrypted in interface Encryption
      Parameters:
      value - the value to check
      Returns:
      true if the value appears to be encrypted, false otherwise