• Java
    • JAXB Tutorial
      • What is JAXB
      • JAXB Marshalling Example
      • JAXB UnMarshalling Example
  • Spring Tutorial
    • Spring Core Tutorial
    • Spring MVC Tutorial
      • Quick Start
        • Flow Diagram
        • Hello World Example
        • Form Handling Example
      • Handler Mapping
        • BeanNameUrlHandlerMapping
        • ControllerClassNameHandlerMapping
        • SimpleUrlHandlerMapping
      • Validation & Exception Handling
        • Validation+Annotations
        • Validation+ResourceBundle
        • @ExceptionHandler
        • @ControllerAdvice
        • Custom Exception Handling
      • Form Tag Library
        • Textbox Example
        • TextArea Example
        • Password Example
        • Dropdown Box Example
        • Checkboxes Example
        • Radiobuttons Example
        • HiddenValue Example
      • Misc
        • Change Config file name
    • Spring Boot Tutorial
  • Hibernate Tutorial
  • REST Tutorial
    • JAX-RS REST @PathParam Example
    • JAX-RS REST @QueryParam Example
    • JAX-RS REST @DefaultValue Example
    • JAX-RS REST @Context Example
    • JAX-RS REST @MatrixParam Example
    • JAX-RS REST @FormParam Example
    • JAX-RS REST @Produces Example
    • JAX-RS REST @Consumes Example
    • JAX-RS REST @Produces both XML and JSON Example
    • JAX-RS REST @Consumes both XML and JSON Example
  • Miscellaneous
    • JSON Parser
      • Read a JSON file
      • Write JSON object to File
      • Read / Write JSON using GSON
      • Java Object to JSON using JAXB
    • CSV Parser
      • Read / Write CSV file
      • Read/Parse/Write CSV File – OpenCSV
      • Export data into a CSV File
      • CsvToBean and BeanToCsv – OpenCSV

JavaInterviewPoint

Java Development Tutorials

Java ChaCha20 Poly1305 Encryption and Decryption Example

April 30, 2019 by javainterviewpoint Leave a Comment

ChaCha20 Poly1305 is an AEAD [Authenticated Encryption with Additional Data] cipher.In the ChaCha20-Poly1305 algorithm, ChaCha20 Stream cipher performs the Encryption and Poly1305 performs the Authentication. ChaCha20 encrypts the data using Key and IV (Initialization Vector), Poly1305 will be used on the encrypted text, and a MAC [Message Authentication Code]  is calculated and appended to the output.

What is Poly1305?

Poly1305 is a cryptographic Message Authentication Code (MAC) published in 2004. Compared to the more widely used HMAC, Poly1305 is extremely faster. Poly1305 can be used on both Encrypted and Decrypted messages, it generates the authentication token and the token guarantees the integrity of the message.

ChaCha20 running in AEAD mode with the Poly1305 authenticator will require only the nonce as the counter value is set to 1 (RFC 7539). When running in AEAD mode, output sizes will be different from inputs due to the addition of the authentication tag during Encryption or consumption of the authentication tag during Decryption.

Java ChaCha20 Poly1305 Encryption and Decryption Example

Java ChaCha20 Poly1305 Encryption and Decryption Example

package com.javainterviewpoint;

import java.security.spec.AlgorithmParameterSpec;
import java.util.Base64;

import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class ChaCha20Poly1305Example
{
	static String plainText = "This is a plain text which will be encrypted by ChaCha20 Poly1305 Algorithm";

	public static void main(String[] args) throws Exception
	{
		KeyGenerator keyGenerator = KeyGenerator.getInstance("ChaCha20");
		keyGenerator.init(256);

		// Generate Key
		SecretKey key = keyGenerator.generateKey();

		System.out.println("Original Text  : " + plainText);

		byte[] cipherText = encrypt(plainText.getBytes(), key);
		System.out.println("Encrypted Text : " + Base64.getEncoder().encodeToString(cipherText));

		String decryptedText = decrypt(cipherText, key);
		System.out.println("DeCrypted Text : " + decryptedText);

	}

	public static byte[] encrypt(byte[] plaintext, SecretKey key) throws Exception
	{
		byte[] nonceBytes = new byte[12];

		// Get Cipher Instance
		Cipher cipher = Cipher.getInstance("ChaCha20-Poly1305/None/NoPadding");
		
		// Create IvParamterSpec
		AlgorithmParameterSpec ivParameterSpec = new IvParameterSpec(nonceBytes);

		// Create SecretKeySpec
		SecretKeySpec keySpec = new SecretKeySpec(key.getEncoded(), "ChaCha20");

		// Initialize Cipher for ENCRYPT_MODE
		cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivParameterSpec);

		// Perform Encryption
		byte[] cipherText = cipher.doFinal(plaintext);

		return cipherText;
	}

	public static String decrypt(byte[] cipherText, SecretKey key) throws Exception
	{
		byte[] nonceBytes = new byte[12];

		// Get Cipher Instance
		Cipher cipher = Cipher.getInstance("ChaCha20-Poly1305/None/NoPadding");

		// Create IvParamterSpec
		AlgorithmParameterSpec ivParameterSpec = new IvParameterSpec(nonceBytes);
				
		// Create SecretKeySpec
		SecretKeySpec keySpec = new SecretKeySpec(key.getEncoded(), "ChaCha20");

		// Initialize Cipher for DECRYPT_MODE
		cipher.init(Cipher.DECRYPT_MODE, keySpec, ivParameterSpec);

		// Perform Decryption
		byte[] decryptedText = cipher.doFinal(cipherText);

		return new String(decryptedText);
	}
}
  • KeyGenerator Class instance is obtained by passing the encryption algorithm to the getInstance() method, in our case it is ChaCha20. The KeyGenerator class generates the symmetric encryption keys
KeyGenerator keyGenerator = KeyGenerator.getInstance("ChaCha20");
  • Now we need to initialize the keyGenerator instance, we can do so by calling the init() method.  Java 11 has added support to generate a 256-bit key only, so no other key size can be passed.
keyGenerator.init(256);
  • Generate the symmetric SecretKey by calling the generateKey() method on top of the KeyGenerator instance.
SecretKey key = keyGenerator.generateKey();
  • We have a declared 12-byte nonce and we don’t have the counter value here as it is set to 1 by default. The nonce value must be 96 bits in length (12 bytes), any other length cannot be used as it results in an exception.
byte[] nonceBytes = new byte[12];
  • Cipher class handles the actual encryption and decryption. Cipher class instance is created by calling the getInstance() method by passing the Cipher name as the parameter, in our case, it is ChaCha20-Poly1305 which is the name of the encryption algorithm, the mode is None and padding is NoPadding.
Cipher cipher = Cipher.getInstance("ChaCha20-Poly1305/None/NoPadding");
  • No other modes or padding values other than “None” and “NoPadding” will be accepted. If we try to use any other modes or padding we will be getting an error like “Mode must be None” or “Padding must be NoPadding”.
  • Instead of using ChaCha20ParameterSpec, we have used IvParameterSpec to which the12-byte nonce is passed,this allows ChaCha20-Poly1305 to be backported to earlier releases without making any API changes.
AlgorithmParameterSpec ivParameterSpec = new IvParameterSpec(nonceBytes);
  • The SecretKeySpec converts the secret key suitable to be passed to init() method of the Cipher class.
SecretKeySpec keySpec = new SecretKeySpec(key.getEncoded(), "ChaCha20");
  • The Cipher class can be initialized by calling the init() method by passing the below three parameters
    • Mode – Cipher.ENCRYPT_MODE for encryption or Cipher.DECRYPT_MODE for decryption.
    • Key – we need to pass the SecretKeySpec
    • AlgorithmParameterSpec – we need to pass the ivParameterSpec [IvParameterSpec class implements AlgorithmParameterSpec]
cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivParameterSpec);

(or)

cipher.init(Cipher.DECRYPT_MODE, keySpec, ivParameterSpec);
  • In order to perform the encryption, initialize the cipher in ENCRYPT_MODE and call the doFinal() method on top of the cipher instance passing the plainText as the parameter.
byte[] cipherText = cipher.doFinal(plaintext);
  • Encode the cipherText with Base64 encoding, in order to prevent modification when the cipherText is transferred.
Base64.getEncoder().encodeToString(cipherText)
  • In order to perform decryption, initialize the cipher in DECRYPT_MODE and call the doFinal() method on top of the cipher instance passing the cipherText as the parameter.
byte[] decryptedText = cipher.doFinal(cipherText);

Output:

Original Text  : This is a plain text which will be encrypted by ChaCha20 Poly1305 Algorithm
Encrypted Text : +s9gE+j8jijJE6OKZgvo3+YzoA4Hwylv77Xiftm+REOKtnPVjJ4RpcVzP6+vpfeDLvVOpaGqYK5l5djJM3Kzbttdjm3NkZPSn6Pfe6E9J5tVpmxHTIy2pquF4w==
DeCrypted Text : This is a plain text which will be encrypted by ChaCha20 Poly1305 Algorithm

Other interesting articles which you may like …

  • ChaCha20 Encryption and Decryption
  • RSA Encryption and Decryption
  • AES 256 Encryption and Decryption
  • AES 128 Encryption and Decryption
  • Java URL Encode and Decode Example
  • Java Salted Password Hashing
  • Google Tink Example – Google Cryptography
  • Constructor in Java
  • Private Constructors in Java
  • Java Constructor Chaining with example
  • Java – Constructor in an Interface?
  • Constructor.newInstance() method
  • Parameterized Constructor in Java
  • Java 8 – Lambda Expressions
  • Java 8 – ForEach Example
  • Java 8 Default Methods in Interface
  • Multiple Inheritance in Java 8 through Interface
  • Java 9 – jdeprscan
  • Private Methods in Interfaces Java 9
  • Java Method Overloading Example
  • Java Constructor Overloading Example
  • Java this keyword | Core Java Tutorial
  • Java super keyword
  • Abstract Class in Java
  • Interface in Java and Uses of Interface in Java
  • What is Marker Interface
  • Serialization and Deserialization in Java with Example
  • Generate SerialVersionUID in Java
  • Java Autoboxing and Unboxing Examples
  • Use of Java Transient Keyword – Serailization Example
  • Use of static Keyword in Java
  • What is Method Overriding in Java
  • Encapsulation in Java with Example
  • Final Keyword in Java | Java Tutorial
  • Java Static Import
  • Java – How System.out.println() really work?
  • Java Ternary operator
  • Java newInstance() method

Filed Under: Core Java, Java Tagged With: ChaCha20 Poly1305, ChaCha20 Poly1305 Encryption, ChaCha20 Poly1305 Encryption and Decryption, Java ChaCha20 Poly1305, Java ChaCha20 Poly1305 Encryption

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Java Basics

  • JVM Architecture
  • Object in Java
  • Class in Java
  • How to Set Classpath for Java in Windows
  • Components of JDK
  • Decompiling a class file
  • Use of Class.forName in java
  • Use Class.forName in SQL JDBC

Oops Concepts

  • Inheritance in Java
  • Types of Inheritance in Java
  • Single Inheritance in Java
  • Multiple Inheritance in Java
  • Multilevel Inheritance in Java
  • Hierarchical Inheritance in Java
  • Hybrid Inheritance in Java
  • Polymorphism in Java – Method Overloading and Overriding
  • Types of Polymorphism in java
  • Method Overriding in Java
  • Can we Overload static methods in Java
  • Can we Override static methods in Java
  • Java Constructor Overloading
  • Java Method Overloading Example
  • Encapsulation in Java with Example
  • Constructor in Java
  • Constructor in an Interface?
  • Parameterized Constructor in Java
  • Constructor Chaining with example
  • What is the use of a Private Constructors in Java
  • Interface in Java
  • What is Marker Interface
  • Abstract Class in Java

Java Keywords

  • Java this keyword
  • Java super keyword
  • Final Keyword in Java
  • static Keyword in Java
  • Static Import
  • Transient Keyword

Miscellaneous

  • newInstance() method
  • How does Hashmap works internally in Java
  • Java Ternary operator
  • How System.out.println() really work?
  • Autoboxing and Unboxing Examples
  • Serialization and Deserialization in Java with Example
  • Generate SerialVersionUID in Java
  • How to make a class Immutable in Java
  • Differences betwen HashMap and Hashtable
  • Difference between Enumeration and Iterator ?
  • Difference between fail-fast and fail-safe Iterator
  • Difference Between Interface and Abstract Class in Java
  • Difference between equals() and ==
  • Sort Objects in a ArrayList using Java Comparable Interface
  • Sort Objects in a ArrayList using Java Comparator

Follow

  • Coding Utils

Useful Links

  • Spring 4.1.x Documentation
  • Spring 3.2.x Documentation
  • Spring 2.5.x Documentation
  • Java 6 API
  • Java 7 API
  • Java 8 API
  • Java EE 5 Tutorial
  • Java EE 6 Tutorial
  • Java EE 7 Tutorial
  • Maven Repository
  • Hibernate ORM

About JavaInterviewPoint

javainterviewpoint.com is a tech blog dedicated to all Java/J2EE developers and Web Developers. We publish useful tutorials on Java, J2EE and all latest frameworks.

All examples and tutorials posted here are very well tested in our development environment.

Connect with us on Facebook | Privacy Policy | Sitemap

Copyright ©2023 · Java Interview Point - All Rights Are Reserved ·