AuthenticatedCipher interface isn't needed outside crypto package.

briar-api/src/org/briarproject/api/crypto/CryptoComponent.java

@@ -77,9 +77,6 @@ public interface CryptoComponent {
 	 */
 	SecretKey deriveFrameKey(byte[] secret, long streamNumber, boolean alice);
 
-	/** Returns a cipher for encrypting and authenticating frames. */
-	AuthenticatedCipher getFrameCipher();
-
 	/** Encodes the pseudo-random tag that is used to recognise a stream. */
 	void encodeTag(byte[] tag, SecretKey tagKey, long streamNumber);
 

briar-core/src/org/briarproject/crypto/AuthenticatedCipher.java

@@ -1,11 +1,14 @@
-package org.briarproject.api.crypto;
+package org.briarproject.crypto;
 
 import java.security.GeneralSecurityException;
 
-public interface AuthenticatedCipher {
+import org.briarproject.api.crypto.SecretKey;
+
+interface AuthenticatedCipher {
 
 	/**
-	 * Initializes this cipher with a key and an initialisation vector (IV).
+	 * Initializes this cipher for encryption or decryption with a key and an
+	 * initialisation vector (IV).
 	 */
 	void init(boolean encrypt, SecretKey key, byte[] iv)
 			throws GeneralSecurityException;
@@ -16,7 +19,4 @@ public interface AuthenticatedCipher {
 
 	/** Returns the length of the message authentication code (MAC) in bytes. */
 	int getMacBytes();
-
-	/** Returns the block size of the cipher in bytes. */
-	int getBlockBytes();
 }

briar-core/src/org/briarproject/crypto/AuthenticatedCipherImpl.java

@@ -1,8 +1,9 @@
 package org.briarproject.crypto;
 
+import static org.briarproject.api.transport.TransportConstants.MAC_LENGTH;
+
 import java.security.GeneralSecurityException;
 
-import org.briarproject.api.crypto.AuthenticatedCipher;
 import org.briarproject.api.crypto.SecretKey;
 import org.spongycastle.crypto.DataLengthException;
 import org.spongycastle.crypto.InvalidCipherTextException;
@@ -15,8 +16,6 @@ import org.spongycastle.crypto.params.KeyParameter;
 
 class AuthenticatedCipherImpl implements AuthenticatedCipher {
 
-	private static final int MAC_BYTES = 16;
-
 	private final AEADBlockCipher cipher;
 
 	AuthenticatedCipherImpl() {
@@ -44,7 +43,7 @@ class AuthenticatedCipherImpl implements AuthenticatedCipher {
 			throws GeneralSecurityException {
 		KeyParameter k = new KeyParameter(key.getBytes());
 		// Authenticate the IV by passing it as additional authenticated data
-		AEADParameters params = new AEADParameters(k, MAC_BYTES * 8, iv, iv);
+		AEADParameters params = new AEADParameters(k, MAC_LENGTH * 8, iv, iv);
 		try {
 			cipher.init(encrypt, params);
 		} catch(IllegalArgumentException e) {
@@ -53,10 +52,6 @@ class AuthenticatedCipherImpl implements AuthenticatedCipher {
 	}
 
 	public int getMacBytes() {
-		return MAC_BYTES;
-	}
-
-	public int getBlockBytes() {
-		return cipher.getUnderlyingCipher().getBlockSize();
+		return MAC_LENGTH;
 	}
 }

briar-core/src/org/briarproject/crypto/CryptoComponentImpl.java

@@ -17,7 +17,6 @@ import java.util.logging.Logger;
 
 import javax.inject.Inject;
 
-import org.briarproject.api.crypto.AuthenticatedCipher;
 import org.briarproject.api.crypto.CryptoComponent;
 import org.briarproject.api.crypto.KeyPair;
 import org.briarproject.api.crypto.KeyParser;
@@ -290,14 +289,6 @@ class CryptoComponentImpl implements CryptoComponent {
 		return new SecretKey(counterModeKdf(secret, label, context));
 	}
 
-	public AuthenticatedCipher getFrameCipher() {
-		return getAuthenticatedCipher();
-	}
-
-	private AuthenticatedCipher getAuthenticatedCipher() {
-		return new AuthenticatedCipherImpl();
-	}
-
 	public void encodeTag(byte[] tag, SecretKey tagKey, long streamNumber) {
 		if(tag.length < TAG_LENGTH) throw new IllegalArgumentException();
 		if(streamNumber < 0 || streamNumber > MAX_32_BIT_UNSIGNED)
@@ -312,7 +303,7 @@ class CryptoComponentImpl implements CryptoComponent {
 	}
 
 	public byte[] encryptWithPassword(byte[] input, String password) {
-		AuthenticatedCipher cipher = getAuthenticatedCipher();
+		AuthenticatedCipher cipher = new AuthenticatedCipherImpl();
 		int macBytes = cipher.getMacBytes();
 		// Generate a random salt
 		byte[] salt = new byte[PBKDF_SALT_BYTES];
@@ -342,7 +333,7 @@ class CryptoComponentImpl implements CryptoComponent {
 	}
 
 	public byte[] decryptWithPassword(byte[] input, String password) {
-		AuthenticatedCipher cipher = getAuthenticatedCipher();
+		AuthenticatedCipher cipher = new AuthenticatedCipherImpl();
 		int macBytes = cipher.getMacBytes();
 		// The input contains the salt, iterations, IV, ciphertext and MAC
 		if(input.length < PBKDF_SALT_BYTES + 4 + STORAGE_IV_BYTES + macBytes)

briar-core/src/org/briarproject/crypto/StreamDecrypterFactoryImpl.java

@@ -27,7 +27,8 @@ class StreamDecrypterFactoryImpl implements StreamDecrypterFactory {
 		boolean alice = !ctx.getAlice();
 		SecretKey frameKey = crypto.deriveFrameKey(secret, streamNumber, alice);
 		// Create the decrypter
-		return new StreamDecrypterImpl(in, crypto.getFrameCipher(), frameKey);
+		AuthenticatedCipher cipher = new AuthenticatedCipherImpl();
+		return new StreamDecrypterImpl(in, cipher, frameKey);
 	}
 
 	public StreamDecrypter createInvitationStreamDecrypter(InputStream in,
@@ -35,6 +36,7 @@ class StreamDecrypterFactoryImpl implements StreamDecrypterFactory {
 		// Derive the frame key
 		SecretKey frameKey = crypto.deriveFrameKey(secret, 0, alice);
 		// Create the decrypter
-		return new StreamDecrypterImpl(in, crypto.getFrameCipher(), frameKey);
+		AuthenticatedCipher cipher = new AuthenticatedCipherImpl();
+		return new StreamDecrypterImpl(in, cipher, frameKey);
 	}
 }

briar-core/src/org/briarproject/crypto/StreamDecrypterImpl.java

@@ -12,7 +12,6 @@ import java.io.InputStream;
 import java.security.GeneralSecurityException;
 
 import org.briarproject.api.FormatException;
-import org.briarproject.api.crypto.AuthenticatedCipher;
 import org.briarproject.api.crypto.SecretKey;
 import org.briarproject.api.crypto.StreamDecrypter;
 

briar-core/src/org/briarproject/crypto/StreamEncrypterFactoryImpl.java

@@ -33,8 +33,8 @@ class StreamEncrypterFactoryImpl implements StreamEncrypterFactory {
 		// Derive the frame key
 		SecretKey frameKey = crypto.deriveFrameKey(secret, streamNumber, alice);
 		// Create the encrypter
-		return new StreamEncrypterImpl(out, crypto.getFrameCipher(), frameKey,
-				tag);
+		AuthenticatedCipher cipher = new AuthenticatedCipherImpl();
+		return new StreamEncrypterImpl(out, cipher, frameKey, tag);
 	}
 
 	public StreamEncrypter createInvitationStreamEncrypter(OutputStream out,
@@ -42,7 +42,7 @@ class StreamEncrypterFactoryImpl implements StreamEncrypterFactory {
 		// Derive the frame key
 		SecretKey frameKey = crypto.deriveFrameKey(secret, 0, alice);
 		// Create the encrypter
-		return new StreamEncrypterImpl(out, crypto.getFrameCipher(), frameKey,
-				null);
+		AuthenticatedCipher cipher = new AuthenticatedCipherImpl();
+		return new StreamEncrypterImpl(out, cipher, frameKey, null);
 	}
 }

briar-core/src/org/briarproject/crypto/StreamEncrypterImpl.java

@@ -11,7 +11,6 @@ import java.io.IOException;
 import java.io.OutputStream;
 import java.security.GeneralSecurityException;
 
-import org.briarproject.api.crypto.AuthenticatedCipher;
 import org.briarproject.api.crypto.SecretKey;
 import org.briarproject.api.crypto.StreamEncrypter;
 

briar-tests/src/org/briarproject/crypto/StreamEncrypterImplTest.java

@@ -9,7 +9,6 @@ import java.io.ByteArrayOutputStream;
 import java.util.Random;
 
 import org.briarproject.BriarTestCase;
-import org.briarproject.api.crypto.AuthenticatedCipher;
 import org.briarproject.api.crypto.SecretKey;
 import org.junit.Test;
 

briar-tests/src/org/briarproject/crypto/TestAuthenticatedCipher.java

@@ -4,13 +4,10 @@ import static org.briarproject.api.transport.TransportConstants.MAC_LENGTH;
 
 import java.security.GeneralSecurityException;
 
-import org.briarproject.api.crypto.AuthenticatedCipher;
 import org.briarproject.api.crypto.SecretKey;
 
 class TestAuthenticatedCipher implements AuthenticatedCipher {
 
-	private static final int BLOCK_BYTES = 16;
-
 	private boolean encrypt = false;
 
 	public void init(boolean encrypt, SecretKey key, byte[] iv)
@@ -38,8 +35,4 @@ class TestAuthenticatedCipher implements AuthenticatedCipher {
 	public int getMacBytes() {
 		return MAC_LENGTH;
 	}
-
-	public int getBlockBytes() {
-		return BLOCK_BYTES;
-	}
 }