Contents | Package | Class | Tree | Deprecated | Index | Help | |||
PREV | NEXT | SHOW LISTS | HIDE LISTS |
java.lang.Object | +----javax.crypto.CipherSpi
Cipher
class.
All the abstract methods in this class must be implemented by each
cryptographic service provider who wishes to supply the implementation
of a particular cipher algorithm.
In order to create an instance of Cipher
, which
encapsulates an instance of this CipherSpi
class, an
application calls the getInstance
method of
Cipher
and specifies the requested transformation.
Optionally, the application may also specify the name of a provider.
A transformation is a string that describes the operation (or set of operations) to be performed on the given input, to produce some output. A transformation always includes the name of a cryptographic algorithm (e.g., DES), and may be followed by a feedback mode and padding scheme. A transformation is of the form: "algorithm" or "algorithm/mode/padding" (in the first case, provider-specific defaults are used for mode and padding). For example, "DES/CBC/PKCS5Padding" represents a valid transformation.
A provider may supply a separate class for each combination
of algorithm/mode/padding, or may decide to provide more generic
classes representing sub-transformations corresponding to
algorithm or algorithm/mode or algorithm//padding
(note the double slashes),
in which case the requested mode and/or padding are set automatically by
the getInstance
method of Cipher
, which invokes the
engineSetMode and
engineSetPadding
methods of the provider's subclass of CipherSpi
, after
that subclass is instantiated by the system.
For example, a provider may supply a subclass of CipherSpi
that implements DES/ECB/PKCS5Padding, one that implements
DES/CBC/PKCS5Padding, one that implements
DES/CFB/PKCS5Padding, and yet another one that implements
DES/OFB/PKCS5Padding.
A different provider may implement a class for each of the above modes
(i.e., one class for ECB, one for CBC, one for CFB,
and one for OFB), one class for PKCS5Padding,
and a generic DES class that subclasses from CipherSpi
.
The algorithm for instantiating a CipherSpi
object
(using one of the getInstance
methods) when a
transformation of the form algorithm is given is as follows:
CipherSpi
for the specified algorithm.
If the answer is YES, instantiate this class, for whose mode and padding scheme default values (as supplied by the provider) are used.
If the answer is NO, throw a NoSuchAlgorithmException
exception.
The algorithm for instantiating a CipherSpi
object when a
transformation of the form algorithm/mode/padding is given is as
follows:
CipherSpi
for the specified algorithm/mode/padding transformation.
If the answer is YES, instantiate it.
If the answer is NO, go to the next step.
CipherSpi
for the sub-transformation algorithm/mode.
If the answer is YES, instantiate it, and call
engineSetPadding(padding)
on the new instance.
If the answer is NO, go to the next step.
CipherSpi
for the sub-transformation algorithm//padding (note the double
slashes).
If the answer is YES, instantiate it, and call
engineSetMode(mode)
on the new instance.
If the answer is NO, go to the next step.
CipherSpi
for the sub-transformation algorithm.
If the answer is YES, instantiate it, and call
engineSetMode(mode)
and
engineSetPadding(padding)
on the new instance.
If the answer is NO, throw a NoSuchAlgorithmException
exception.
Constructor Summary | |
CipherSpi()
|
Method Summary | |
byte[] | engineDoFinal(byte[] input,
int inputOffset,
int inputLen)
|
int | engineDoFinal(byte[] input,
int inputOffset,
int inputLen,
byte[] output,
int outputOffset)
|
int | engineGetBlockSize()
|
byte[] | engineGetIV()
|
int | engineGetOutputSize(int inputLen)
update
or doFinal operation, given the input length
inputLen (in bytes).
|
void | engineInit(int opmode,
java.security.Key key,
java.security.SecureRandom random)
|
void | engineInit(int opmode,
java.security.Key key,
java.security.spec.AlgorithmParameterSpec params,
java.security.SecureRandom random)
|
void | engineSetMode(java.lang.String mode)
|
void | engineSetPadding(java.lang.String padding)
|
byte[] | engineUpdate(byte[] input,
int inputOffset,
int inputLen)
|
int | engineUpdate(byte[] input,
int inputOffset,
int inputLen,
byte[] output,
int outputOffset)
|
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
public CipherSpi()
Method Detail |
protected abstract void engineSetMode(java.lang.String mode) throws java.security.NoSuchAlgorithmException
mode
- the cipher mode
protected abstract void engineSetPadding(java.lang.String padding) throws NoSuchPaddingException
padding
- the padding mechanism
protected abstract int engineGetBlockSize()
protected abstract int engineGetOutputSize(int inputLen)
update
or doFinal
operation, given the input length
inputLen
(in bytes).
This call takes into account any unprocessed (buffered) data from a
previous update
call, and padding.
The actual output length of the next update
or
doFinal
call may be smaller than the length returned by
this method.
inputLen
- the input length (in bytes)
protected abstract byte[] engineGetIV()
This is useful in the context of password-based encryption or decryption, where the IV is derived from a user-provided passphrase.
protected abstract void engineInit(int opmode, java.security.Key key, java.security.SecureRandom random) throws java.security.InvalidKeyException
The cipher is initialized for encryption or decryption, depending on
the value of opmode
.
If this cipher requires an initialization vector (IV), it will get
it from random
. The random IV can be
retrieved using getIV.
This behaviour should only be used in encryption mode, however.
When initializing a cipher that requires an IV for decryption, the IV
(same IV that was used for encryption) must be provided explicitly as a
parameter, in order to get the correct result.
Note that when a Cipher object is initialized, it loses all previously-acquired state. In other words, initializing a Cipher is equivalent to creating a new instance of that Cipher, and initializing it.
opmode
- the operation mode of this cipher (this is either
ENCRYPT_MODE
or DECRYPT_MODE
)
key
- the encryption key
random
- the source of randomness
protected abstract void engineInit(int opmode, java.security.Key key, java.security.spec.AlgorithmParameterSpec params, java.security.SecureRandom random) throws java.security.InvalidKeyException, java.security.InvalidAlgorithmParameterException
The cipher is initialized for encryption or decryption, depending on
the value of opmode
.
If this cipher (including its underlying feedback or padding scheme)
requires any random bytes, it will get them from random
.
Note that when a Cipher object is initialized, it loses all previously-acquired state. In other words, initializing a Cipher is equivalent to creating a new instance of that Cipher, and initializing it.
opmode
- the operation mode of this cipher (this is either
ENCRYPT_MODE
or DECRYPT_MODE
)
key
- the encryption key
params
- the algorithm parameters
random
- the source of randomness
protected abstract byte[] engineUpdate(byte[] input, int inputOffset, int inputLen)
The first inputLen
bytes in the input
buffer, starting at inputOffset
, are processed, and the
result is stored in a new buffer.
input
- the input buffer
inputOffset
- the offset in input
where the input
starts
inputLen
- the input length
protected abstract int engineUpdate(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset) throws ShortBufferException
The first inputLen
bytes in the input
buffer, starting at inputOffset
, are processed, and the
result is stored in the output
buffer, starting at
outputOffset
.
If the output
buffer is too small to hold the result,
a ShortBufferException
is thrown. In this case, repeat this
call with a larger output buffer. Use
getOutputSize to determine how big the
output buffer should be.
input
- the input buffer
inputOffset
- the offset in input
where the input
starts
inputLen
- the input length
output
- the buffer for the result
outputOffset
- the offset in output
where the result
is stored
output
protected abstract byte[] engineDoFinal(byte[] input, int inputOffset, int inputLen) throws IllegalBlockSizeException, BadPaddingException
The first inputLen
bytes in the input
buffer, starting at inputOffset
, and any input bytes that
may have been buffered during a previous update
operation,
are processed, with padding (if requested) being applied.
The result is stored in a new buffer.
input
- the input buffer
inputOffset
- the offset in input
where the input
starts
inputLen
- the input length
protected abstract int engineDoFinal(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset) throws ShortBufferException, IllegalBlockSizeException, BadPaddingException
The first inputLen
bytes in the input
buffer, starting at inputOffset
, and any input bytes that
may have been buffered during a previous update
operation,
are processed, with padding (if requested) being applied.
The result is stored in the output
buffer, starting at
outputOffset
.
If the output
buffer is too small to hold the result,
a ShortBufferException
is thrown. In this case, repeat this
call with a larger output buffer. Use
getOutputSize to determine how big the
output buffer should be.
input
- the input buffer
inputOffset
- the offset in input
where the input
starts
inputLen
- the input length
output
- the buffer for the result
outputOffset
- the offset in output
where the result
is stored
output
Contents | Package | Class | Tree | Deprecated | Index | Help | |||
PREV | NEXT | SHOW LISTS | HIDE LISTS |