Package zeroecho.core.alg.cmce

Class CmceKemContext

java.lang.Object
zeroecho.core.alg.cmce.CmceKemContext
All Implemented Interfaces:
Closeable, AutoCloseable, CryptoContext, KemContext
public final class CmceKemContext extends Object implements KemContext

Classic McEliece (CMCE) KEM context

Holds the state required to perform CMCE key encapsulation or decapsulation. The operational mode is determined by the constructor used:

  • PublicKey constructor - encapsulate mode
  • PrivateKey constructor - decapsulate mode

Usage: 


 CryptoAlgorithm alg = ...;
 PublicKey recipient = ...;

 // Encapsulation
 try (CmceKemContext ctx = new CmceKemContext(alg, recipient)) {
   KemResult kem = ctx.encapsulate();
   byte[] ct = kem.ciphertext();
   byte[] secret = kem.secret();
   // send ct to recipient; use secret for key derivation
 }

 // Decapsulation
 PrivateKey myPriv = ...;
 byte[] ct = ...;
 try (CmceKemContext ctx = new CmceKemContext(alg, myPriv)) {
   byte[] secret = ctx.decapsulate(ct);
 }

Notes:

  • Encapsulation requires a CMCE public key; decapsulation requires a CMCE private key.
  • Returned arrays are owned by the caller; callers should clear secrets when no longer needed.
  • This class holds no external resources and is safe to close repeatedly.
Since:
1.0

  • Constructor Details

    • CmceKemContext

      public CmceKemContext(CryptoAlgorithm algorithm, PublicKey k)
      Creates an encapsulation context bound to a recipient public key.
      Parameters:
      algorithm - parent algorithm metadata (for diagnostics)
      k - CMCE public key
      Throws:
      NullPointerException - if any argument is null

    • CmceKemContext

      public CmceKemContext(CryptoAlgorithm algorithm, PrivateKey k)
      Creates a decapsulation context bound to a private key.
      Parameters:
      algorithm - parent algorithm metadata (for diagnostics)
      k - CMCE private key
      Throws:
      NullPointerException - if any argument is null

  • Method Details

    • algorithm

      public CryptoAlgorithm algorithm()
      Returns the parent algorithm descriptor for this context.
      Specified by:
      algorithm in interface CryptoContext
      Returns:
      algorithm descriptor; never null

    • key

      public Key key()
      Returns the key bound to this context.

      In encapsulate mode this is a PublicKey; in decapsulate mode it is a PrivateKey.

      Specified by:
      key in interface CryptoContext
      Returns:
      key used by this context; never null

    • close

      public void close()
      Releases resources held by this context.

      This implementation holds no resources and performs no action. It is safe to call multiple times.

      Specified by:
      close in interface AutoCloseable
      Specified by:
      close in interface Closeable
      Specified by:
      close in interface CryptoContext

    • encapsulate

      public KemContext.KemResult encapsulate() throws IOException
      Generates a CMCE ciphertext and shared secret using the stored public key.
      Specified by:
      encapsulate in interface KemContext
      Returns:
      result containing ciphertext and secret
      Throws:
      IllegalStateException - if this context is not in encapsulate mode
      IOException - if encapsulation fails

    • decapsulate

      public byte[] decapsulate(byte[] ciphertext) throws IOException
      Extracts the shared secret from the given ciphertext using the stored private key.
      Specified by:
      decapsulate in interface KemContext
      Parameters:
      ciphertext - CMCE ciphertext (must be non-null and non-empty)
      Returns:
      shared secret bytes
      Throws:
      IllegalStateException - if this context is not in decapsulate mode
      IllegalArgumentException - if ciphertext is null or empty
      IOException - if decapsulation fails