|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object | +--javax.crypto.Cipher
This class provides the functionality of a cryptographic cipher for encryption and decryption. It forms the core of the Java Cryptographic Extension (JCE) framework.
In order to create a Cipher object, the application calls the
Cipher's getInstance
method, and passes the name of the
requested transformation to it. Optionally, the name of a provider
may be specified.
A transformation is a string that describes the operation (or set of operations) to be performed on the given input, to produce some output. A transformation always includes the name of a cryptographic algorithm (e.g., DES), and may be followed by a feedback mode and padding scheme.
A transformation is of the form:
(in the latter case, provider-specific default values for the mode and padding scheme are used). For example, the following is a valid transformation:
Cipher c = Cipher.getInstance("DES/CBC/PKCS5Padding");
When requesting a block cipher in stream cipher mode (e.g.,
DES
in CFB
or OFB
mode), the user may
optionally specify the number of bits to be
processed at a time, by appending this number to the mode name as shown in
the "DES/CFB8/NoPadding" and "DES/OFB32/PKCS5Padding"
transformations. If no such number is specified, a provider-specific default
is used. (For example, the "SunJCE" provider uses a default of 64 bits.)
KeyGenerator
,
SecretKey
Field Summary | |
static int |
DECRYPT_MODE
|
static int |
ENCRYPT_MODE
|
Constructor Summary | |
protected |
Cipher(CipherSpi cipherSpi,
java.security.Provider provider,
java.lang.String transformation)
Creates a Cipher object. |
Method Summary | |
byte[] |
doFinal()
Finishes a multiple-part encryption or decryption operation, depending on how this cipher was initialized. |
byte[] |
doFinal(byte[] input)
Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation. |
int |
doFinal(byte[] output,
int outputOffset)
Finishes a multiple-part encryption or decryption operation, depending on how this cipher was initialized. |
byte[] |
doFinal(byte[] input,
int inputOffset,
int inputLen)
Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation. |
int |
doFinal(byte[] input,
int inputOffset,
int inputLen,
byte[] output)
Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation. |
int |
doFinal(byte[] input,
int inputOffset,
int inputLen,
byte[] output,
int outputOffset)
Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation. |
java.lang.String |
getAlgorithm()
Returns the algorithm name of this Cipher object. |
int |
getBlockSize()
Returns the block size (in bytes). |
static Cipher |
getInstance(java.lang.String transformation)
Generates a Cipher object that implements the specified
transformation. |
static Cipher |
getInstance(java.lang.String transformation,
java.lang.String provider)
Creates a Cipher object that implements the specified
transformation, as supplied by the specified provider. |
byte[] |
getIV()
Returns the initialization vector (IV) in a new buffer. |
int |
getOutputSize(int inputLen)
Returns the length in bytes that an output buffer would need to be in order to hold the result of the next update or
doFinal operation, given the input length
inputLen (in bytes). |
java.security.AlgorithmParameters |
getParameters()
Returns the parameters used with this cipher. |
java.security.Provider |
getProvider()
Returns the provider of this Cipher object. |
void |
init(int opmode,
java.security.Key key)
Initializes this cipher with a key. |
void |
init(int opmode,
java.security.Key key,
java.security.AlgorithmParameters params)
Initializes this cipher with a key and a set of algorithm parameters. |
void |
init(int opmode,
java.security.Key key,
java.security.spec.AlgorithmParameterSpec params)
Initializes this cipher with a key and a set of algorithm parameters. |
void |
init(int opmode,
java.security.Key key,
java.security.spec.AlgorithmParameterSpec params,
java.security.SecureRandom random)
Initializes this cipher with a key, a set of algorithm parameters, and a source of randomness. |
void |
init(int opmode,
java.security.Key key,
java.security.AlgorithmParameters params,
java.security.SecureRandom random)
Initializes this cipher with a key, a set of algorithm parameters, and a source of randomness. |
void |
init(int opmode,
java.security.Key key,
java.security.SecureRandom random)
Initializes this cipher with a key and a source of randomness. |
byte[] |
update(byte[] input)
Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialized), processing another data part. |
byte[] |
update(byte[] input,
int inputOffset,
int inputLen)
Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialized), processing another data part. |
int |
update(byte[] input,
int inputOffset,
int inputLen,
byte[] output)
Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialized), processing another data part. |
int |
update(byte[] input,
int inputOffset,
int inputLen,
byte[] output,
int outputOffset)
Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialized), processing another data part. |
Methods inherited from class java.lang.Object |
clone,
equals,
finalize,
getClass,
hashCode,
notify,
notifyAll,
toString,
wait,
wait,
wait |
Field Detail |
public static final int ENCRYPT_MODE
public static final int DECRYPT_MODE
Constructor Detail |
protected Cipher(CipherSpi cipherSpi, java.security.Provider provider, java.lang.String transformation)
cipherSpi
- the delegateprovider
- the providertransformation
- the transformationMethod Detail |
public static final Cipher getInstance(java.lang.String transformation) throws java.security.NoSuchAlgorithmException, NoSuchPaddingException
Cipher
object that implements the specified
transformation.
If the default provider package supplies an implementation of the
requested transformation, an instance of Cipher
containing
that implementation is returned.
If the transformation is not available in the default provider package,
other provider packages are searched.
transformation
- the name of the transformation, e.g.,
DES/CBC/PKCS5Padding.
See Appendix A in the
Java Cryptography Extension API Specification & Reference
for information about standard transformation names.transformation
contains a padding scheme that is not available.public static final Cipher getInstance(java.lang.String transformation, java.lang.String provider) throws java.security.NoSuchAlgorithmException, java.security.NoSuchProviderException, NoSuchPaddingException
Cipher
object that implements the specified
transformation, as supplied by the specified provider.transformation
- the name of the transformation,
e.g., DES/CBC/PKCS5Padding.
See Appendix A in the
Java Cryptography Extension API Specification & Reference
for information about standard transformation names.provider
- the name of the providertransformation
contains a padding scheme that is not available.public final java.security.Provider getProvider()
Cipher
object.Cipher
objectpublic final java.lang.String getAlgorithm()
Cipher
object.
This is the same name that was specified in one of the
getInstance
calls that created this Cipher
object..
Cipher
object.public final int getBlockSize()
public final int getOutputSize(int inputLen) throws java.lang.IllegalStateException
update
or
doFinal
operation, given the input length
inputLen
(in bytes).
This call takes into account any unprocessed (buffered) data from a
previous update
call, and padding.
The actual output length of the next update
or
doFinal
call may be smaller than the length returned by
this method.
inputLen
- the input length (in bytes)public final byte[] getIV()
This is useful in the case where a random IV was created, or in the context of password-based encryption or decryption, where the IV is derived from a user-supplied password.
public final java.security.AlgorithmParameters getParameters()
The returned parameters may be the same that were used to initialize this cipher, or may contain a combination of default and random parameter values used by the underlying cipher implementation if this cipher requires algorithm parameters but was not initialized with any.
public final void init(int opmode, java.security.Key key) throws java.security.InvalidKeyException
The cipher is initialized for encryption or decryption, depending on
the value of opmode
.
If this cipher requires any algorithm parameters that cannot be
derived from the given key
, the underlying cipher
implementation is supposed to generate the required parameters itself
(using provider-specific default or random values) if it is being
initialized for encryption, and raise an
InvalidKeyException
if it is being
initialized for decryption.
The generated parameters can be retrieved using
getParameters or
getIV (if the parameter is an IV).
If this cipher (including its underlying feedback or padding scheme)
requires any random bytes (e.g., for parameter generation), it will get
them using the
SecureRandom
implementation of the highest-priority
installed provider as the source of randomness.
(If none of the installed providers supply an implementation of
SecureRandom, a system-provided source of randomness will be used.)
Note that when a Cipher object is initialized, it loses all previously-acquired state. In other words, initializing a Cipher is equivalent to creating a new instance of that Cipher and initializing it.
opmode
- the operation mode of this cipher (this is either
ENCRYPT_MODE
or DECRYPT_MODE
)key
- the keypublic final void init(int opmode, java.security.Key key, java.security.SecureRandom random) throws java.security.InvalidKeyException
The cipher is initialized for encryption or decryption, depending on
the value of opmode
.
If this cipher requires any algorithm parameters that cannot be
derived from the given key
, the underlying cipher
implementation is supposed to generate the required parameters itself
(using provider-specific default or random values) if it is being
initialized for encryption, and raise an
InvalidKeyException
if it is being
initialized for decryption.
The generated parameters can be retrieved using
engineGetParameters or
engineGetIV (if the parameter is an IV).
If this cipher (including its underlying feedback or padding scheme)
requires any random bytes (e.g., for parameter generation), it will get
them from random
.
Note that when a Cipher object is initialized, it loses all previously-acquired state. In other words, initializing a Cipher is equivalent to creating a new instance of that Cipher and initializing it.
opmode
- the operation mode of this cipher (this is either
ENCRYPT_MODE
or DECRYPT_MODE
)key
- the encryption keyrandom
- the source of randomnesspublic final void init(int opmode, java.security.Key key, java.security.spec.AlgorithmParameterSpec params) throws java.security.InvalidKeyException, java.security.InvalidAlgorithmParameterException
The cipher is initialized for encryption or decryption, depending on
the value of opmode
.
If this cipher requires any algorithm parameters and
params
is null, the underlying cipher implementation is
supposed to generate the required parameters itself (using
provider-specific default or random values) if it is being
initialized for encryption, and raise an
InvalidAlgorithmParameterException
if it is being
initialized for decryption.
The generated parameters can be retrieved using
getParameters or
getIV (if the parameter is an IV).
If this cipher (including its underlying feedback or padding scheme)
requires any random bytes (e.g., for parameter generation), it will get
them using the
SecureRandom
implementation of the highest-priority
installed provider as the source of randomness.
(If none of the installed providers supply an implementation of
SecureRandom, a system-provided source of randomness will be used.)
Note that when a Cipher object is initialized, it loses all previously-acquired state. In other words, initializing a Cipher is equivalent to creating a new instance of that Cipher and initializing it.
opmode
- the operation mode of this cipher (this is either
ENCRYPT_MODE
or DECRYPT_MODE
)key
- the encryption keyparams
- the algorithm parametersparams
is null.public final void init(int opmode, java.security.Key key, java.security.spec.AlgorithmParameterSpec params, java.security.SecureRandom random) throws java.security.InvalidKeyException, java.security.InvalidAlgorithmParameterException
The cipher is initialized for encryption or decryption, depending on
the value of opmode
.
If this cipher requires any algorithm parameters and
params
is null, the underlying cipher implementation is
supposed to generate the required parameters itself (using
provider-specific default or random values) if it is being
initialized for encryption, and raise an
InvalidAlgorithmParameterException
if it is being
initialized for decryption.
The generated parameters can be retrieved using
getParameters or
getIV (if the parameter is an IV).
If this cipher (including its underlying feedback or padding scheme)
requires any random bytes (e.g., for parameter generation), it will get
them from random
.
Note that when a Cipher object is initialized, it loses all previously-acquired state. In other words, initializing a Cipher is equivalent to creating a new instance of that Cipher and initializing it.
opmode
- the operation mode of this cipher (this is either
ENCRYPT_MODE
or DECRYPT_MODE
)key
- the encryption keyparams
- the algorithm parametersrandom
- the source of randomnessparams
is null.public final void init(int opmode, java.security.Key key, java.security.AlgorithmParameters params) throws java.security.InvalidKeyException, java.security.InvalidAlgorithmParameterException
The cipher is initialized for encryption or decryption, depending on
the value of opmode
.
If this cipher requires any algorithm parameters and
params
is null, the underlying cipher implementation is
supposed to generate the required parameters itself (using
provider-specific default or random values) if it is being
initialized for encryption, and raise an
InvalidAlgorithmParameterException
if it is being
initialized for decryption.
The generated parameters can be retrieved using
getParameters or
getIV (if the parameter is an IV).
If this cipher (including its underlying feedback or padding scheme)
requires any random bytes (e.g., for parameter generation), it will get
them using the
SecureRandom
implementation of the highest-priority
installed provider as the source of randomness.
(If none of the installed providers supply an implementation of
SecureRandom, a system-provided source of randomness will be used.)
Note that when a Cipher object is initialized, it loses all previously-acquired state. In other words, initializing a Cipher is equivalent to creating a new instance of that Cipher and initializing it.
opmode
- the operation mode of this cipher (this is either
ENCRYPT_MODE
or DECRYPT_MODE
)key
- the encryption keyparams
- the algorithm parametersparams
is null.public final void init(int opmode, java.security.Key key, java.security.AlgorithmParameters params, java.security.SecureRandom random) throws java.security.InvalidKeyException, java.security.InvalidAlgorithmParameterException
The cipher is initialized for encryption or decryption, depending on
the value of opmode
.
If this cipher requires any algorithm parameters and
params
is null, the underlying cipher implementation is
supposed to generate the required parameters itself (using
provider-specific default or random values) if it is being
initialized for encryption, and raise an
InvalidAlgorithmParameterException
if it is being
initialized for decryption.
The generated parameters can be retrieved using
getParameters or
getIV (if the parameter is an IV).
If this cipher (including its underlying feedback or padding scheme)
requires any random bytes (e.g., for parameter generation), it will get
them from random
.
Note that when a Cipher object is initialized, it loses all previously-acquired state. In other words, initializing a Cipher is equivalent to creating a new instance of that Cipher and initializing it.
opmode
- the operation mode of this cipher (this is either
ENCRYPT_MODE
or DECRYPT_MODE
)key
- the encryption keyparams
- the algorithm parametersrandom
- the source of randomnessparams
is null.public final byte[] update(byte[] input) throws java.lang.IllegalStateException
The bytes in the input
buffer are processed, and the
result is stored in a new buffer.
If input
has a length of zero, this method returns
null
.
input
- the input bufferpublic final byte[] update(byte[] input, int inputOffset, int inputLen) throws java.lang.IllegalStateException
The first inputLen
bytes in the input
buffer, starting at inputOffset
inclusive, are processed,
and the result is stored in a new buffer.
If inputLen
is zero, this method returns
null
.
input
- the input bufferinputOffset
- the offset in input
where the input
startsinputLen
- the input lengthpublic final int update(byte[] input, int inputOffset, int inputLen, byte[] output) throws java.lang.IllegalStateException, ShortBufferException
The first inputLen
bytes in the input
buffer, starting at inputOffset
inclusive, are processed,
and the result is stored in the output
buffer.
If the output
buffer is too small to hold the result,
a ShortBufferException
is thrown. In this case, repeat this
call with a larger output buffer. Use
getOutputSize to determine how big
the output buffer should be.
If inputLen
is zero, this method returns
a length of zero.
input
- the input bufferinputOffset
- the offset in input
where the input
startsinputLen
- the input lengthoutput
- the buffer for the resultoutput
public final int update(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset) throws java.lang.IllegalStateException, ShortBufferException
The first inputLen
bytes in the input
buffer, starting at inputOffset
inclusive, are processed,
and the result is stored in the output
buffer, starting at
outputOffset
inclusive.
If the output
buffer is too small to hold the result,
a ShortBufferException
is thrown. In this case, repeat this
call with a larger output buffer. Use
getOutputSize to determine how big
the output buffer should be.
If inputLen
is zero, this method returns
a length of zero.
input
- the input bufferinputOffset
- the offset in input
where the input
startsinputLen
- the input lengthoutput
- the buffer for the resultoutputOffset
- the offset in output
where the result
is storedoutput
public final byte[] doFinal() throws java.lang.IllegalStateException, IllegalBlockSizeException, BadPaddingException
Input data that may have been buffered during a previous
update
operation is processed, with padding (if requested)
being applied.
The result is stored in a new buffer.
A call to this method resets this cipher object to the state
it was in when previously initialized via a call to init
.
That is, the object is reset and available to encrypt or decrypt
(depending on the operation mode that was specified in the call to
init
) more data.
public final int doFinal(byte[] output, int outputOffset) throws java.lang.IllegalStateException, IllegalBlockSizeException, ShortBufferException, BadPaddingException
Input data that may have been buffered during a previous
update
operation is processed, with padding (if requested)
being applied.
The result is stored in the output
buffer, starting at
outputOffset
inclusive.
If the output
buffer is too small to hold the result,
a ShortBufferException
is thrown. In this case, repeat this
call with a larger output buffer. Use
getOutputSize to determine how big
the output buffer should be.
A call to this method resets this cipher object to the state
it was in when previously initialized via a call to init
.
That is, the object is reset and available to encrypt or decrypt
(depending on the operation mode that was specified in the call to
init
) more data.
output
- the buffer for the resultoutputOffset
- the offset in output
where the result
is storedoutput
public final byte[] doFinal(byte[] input) throws java.lang.IllegalStateException, IllegalBlockSizeException, BadPaddingException
The bytes in the input
buffer, and any input bytes that
may have been buffered during a previous update
operation,
are processed, with padding (if requested) being applied.
The result is stored in a new buffer.
A call to this method resets this cipher object to the state
it was in when previously initialized via a call to init
.
That is, the object is reset and available to encrypt or decrypt
(depending on the operation mode that was specified in the call to
init
) more data.
input
- the input bufferpublic final byte[] doFinal(byte[] input, int inputOffset, int inputLen) throws java.lang.IllegalStateException, IllegalBlockSizeException, BadPaddingException
The first inputLen
bytes in the input
buffer, starting at inputOffset
inclusive, and any input
bytes that may have been buffered during a previous update
operation, are processed, with padding (if requested) being applied.
The result is stored in a new buffer.
A call to this method resets this cipher object to the state
it was in when previously initialized via a call to init
.
That is, the object is reset and available to encrypt or decrypt
(depending on the operation mode that was specified in the call to
init
) more data.
input
- the input bufferinputOffset
- the offset in input
where the input
startsinputLen
- the input lengthpublic final int doFinal(byte[] input, int inputOffset, int inputLen, byte[] output) throws java.lang.IllegalStateException, ShortBufferException, IllegalBlockSizeException, BadPaddingException
The first inputLen
bytes in the input
buffer, starting at inputOffset
inclusive, and any input
bytes that may have been buffered during a previous update
operation, are processed, with padding (if requested) being applied.
The result is stored in the output
buffer.
If the output
buffer is too small to hold the result,
a ShortBufferException
is thrown. In this case, repeat this
call with a larger output buffer. Use
getOutputSize to determine how big
the output buffer should be.
A call to this method resets this cipher object to the state
it was in when previously initialized via a call to init
.
That is, the object is reset and available to encrypt or decrypt
(depending on the operation mode that was specified in the call to
init
) more data.
input
- the input bufferinputOffset
- the offset in input
where the input
startsinputLen
- the input lengthoutput
- the buffer for the resultoutput
public final int doFinal(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset) throws java.lang.IllegalStateException, ShortBufferException, IllegalBlockSizeException, BadPaddingException
The first inputLen
bytes in the input
buffer, starting at inputOffset
inclusive, and any input
bytes that may have been buffered during a previous
update
operation, are processed, with padding
(if requested) being applied.
The result is stored in the output
buffer, starting at
outputOffset
inclusive.
If the output
buffer is too small to hold the result,
a ShortBufferException
is thrown. In this case, repeat this
call with a larger output buffer. Use
getOutputSize to determine how big
the output buffer should be.
A call to this method resets this cipher object to the state
it was in when previously initialized via a call to init
.
That is, the object is reset and available to encrypt or decrypt
(depending on the operation mode that was specified in the call to
init
) more data.
input
- the input bufferinputOffset
- the offset in input
where the input
startsinputLen
- the input lengthoutput
- the buffer for the resultoutputOffset
- the offset in output
where the result
is storedoutput
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |