h65210 s 00000/00000/00496 d D 1.2 97/12/09 15:24:44 luehe 3 1 c rm ,* e s 00000/00000/00000 d R 1.2 97/12/09 15:23:23 Codemgr 2 1 c SunPro Code Manager data about conflicts, renames, etc... c Name history : 1 0 security/JCE1.2/earlyaccess/javax.crypto.CipherSpi.html e s 00496/00000/00000 d D 1.1 97/12/09 15:23:22 luehe 1 0 c date and time created 97/12/09 15:23:22 by luehe e u U f e 0 t T I 1
All Packages Class Hierarchy This Package Previous Next Index
java.lang.Object | +----javax.crypto.CipherSpi
This class must be implemented by a provider who supports the above cryptographic services and wishes to register them with the Java Security Framework.
In order to create a Cipher object, the application calls the
getInstance
method of Cipher, and passes the name of the
requested transformation to it. Optionally, the name of a provider
may be specified.
A transformation is a string that describes the operation (or set of operations) to be performed on the given input, to produce some output. A transformation always includes the name of a cryptographic algorithm (e.g., DES), and may be followed by a feedback mode and padding scheme. A transformation is of the form: "algorithm" or "algorithm/mode/padding" (in the former case, provider-specific defaults are used for mode and padding). For example, "DES/CBC/PKCS5Padding" represents a valid transformation.
A provider may supply a separate class for each combination of algorithm/mode/padding, or may decide to provide more generic classes representing sub-transformations corresponding to algorithm or algorithm/mode, whose mode and/or padding schemes can be set using engineSetMode and engineSetPadding, respectively.
For example, a provider may supply a subclass of Cipher
that implements DES/ECB/PKCS5Padding, one that implements
DES/CBC/PKCS5Padding, one that implements
DES/CFB/PKCS5Padding, and yet another one that implements
DES/OFB/PKCS5Padding.
A different provider may implement a class for each of the above modes
(i.e., one class for ECB, one for CBC, one for CFB,
and one for OFB), one class for the PKCS5Padding scheme,
and a generic DES class (subclass of Cipher
), into
which the above mode and padding classes can be "plugged into", using the
engineSetMode
and engineSetPadding
methods.
The algorithm for instantiating a Cipher
object
(using one of the getInstance
methods) when a
transformation of the form algorithm is given is as follows:
Cipher
for the specified algorithm. If the answer is YES, instantiate this
class, for whose mode and padding scheme default values (as supplied by
the provider) are used.
If the answer is NO, throw a NoSuchAlgorithmException
exception.
The algorithm for instantiating a Cipher
object when a
transformation of the form algorithm/mode/padding is given is as
follows:
Cipher
for the specified algorithm/mode/padding transformation.
If the answer is YES, instantiate this class and return it to the user.
If the answer is NO, go to the next step.
Cipher
for the sub-transformation algorithm/mode.
If the answer is YES, instantiate this class, and call
engineSetPadding(padding)
on the new instance, before
returning it to the user.
If the answer is NO, go to the next step.
Cipher
for the sub-transformation algorithm.
If the answer is YES, instantiate this class, and call
engineSetMode(mode)
and
engineSetPadding(padding)
on the new instance, before
returning it to the user.
If the answer is NO, throw a NoSuchAlgorithmException
exception.
update
or doFinal
operation, given the input length
inputLen
(in bytes).
public CipherSpi()
protected abstract void engineSetMode(String mode) throws NoSuchAlgorithmException
protected abstract void engineSetPadding(String padding) throws NoSuchPaddingException
protected abstract int engineGetBlockSize()
protected abstract int engineGetOutputSize(int inputLen)
update
or doFinal
operation, given the input length
inputLen
(in bytes).
This call takes into account any unprocessed (buffered) data from a
previous update
call, and padding.
The actual output length of the next update
or
doFinal
call may be smaller than the length returned by
this method.
protected abstract byte[] engineGetIV()
This is useful in the context of password-based encryption or decryption, where the IV is derived from a user-provided passphrase.
protected abstract void engineInit(int opmode, Key key, SecureRandom random) throws InvalidKeyException
The cipher is initialized for encryption or decryption, depending on
the value of opmode
.
If this cipher requires an initialization vector (IV), it will get
it from random
. The random IV can be
retrieved using getIV.
This behaviour should only be used in encryption mode, however.
When initializing a cipher that requires an IV for decryption, the IV
(same IV that was used for encryption) must be provided explicitly as a
parameter, in order to get the correct result.
Note that when a Cipher object is initialized, it loses all previously-acquired state. In other words, initializing a Cipher is equivalent to creating a new instance of that Cipher, and initializing it.
ENCRYPT_MODE
or DECRYPT_MODE
)
protected abstract void engineInit(int opmode, Key key, AlgorithmParameterSpec params, SecureRandom random) throws InvalidKeyException, InvalidAlgorithmParameterException
The cipher is initialized for encryption or decryption, depending on
the value of opmode
.
If this cipher (including its underlying feedback or padding scheme)
requires any random bytes, it will get them from random
.
Note that when a Cipher object is initialized, it loses all previously-acquired state. In other words, initializing a Cipher is equivalent to creating a new instance of that Cipher, and initializing it.
ENCRYPT_MODE
or DECRYPT_MODE
)
protected abstract byte[] engineUpdate(byte input[], int inputOffset, int inputLen)
The first inputLen
bytes in the input
buffer, starting at inputOffset
, are processed, and the
result is stored in a new buffer.
input
where the input
starts
protected abstract int engineUpdate(byte input[], int inputOffset, int inputLen, byte output[], int outputOffset) throws ShortBufferException
The first inputLen
bytes in the input
buffer, starting at inputOffset
, are processed, and the
result is stored in the output
buffer, starting at
outputOffset
.
If the output
buffer is too small to hold the result,
a ShortBufferException
is thrown. In this case, repeat this
call with a larger output buffer. Use
getOutputSize to determine how big the
output buffer should be.
input
where the input
starts
output
where the result
is stored
output
protected abstract byte[] engineDoFinal(byte input[], int inputOffset, int inputLen) throws IllegalBlockSizeException, BadPaddingException
The first inputLen
bytes in the input
buffer, starting at inputOffset
, and any input bytes that
may have been buffered during a previous update
operation,
are processed, with padding (if requested) being applied.
The result is stored in a new buffer.
input
where the input
starts
protected abstract int engineDoFinal(byte input[], int inputOffset, int inputLen, byte output[], int outputOffset) throws ShortBufferException, IllegalBlockSizeException, BadPaddingException
The first inputLen
bytes in the input
buffer, starting at inputOffset
, and any input bytes that
may have been buffered during a previous update
operation,
are processed, with padding (if requested) being applied.
The result is stored in the output
buffer, starting at
outputOffset
.
If the output
buffer is too small to hold the result,
a ShortBufferException
is thrown. In this case, repeat this
call with a larger output buffer. Use
getOutputSize to determine how big the
output buffer should be.
input
where the input
starts
output
where the result
is stored
output
All Packages Class Hierarchy This Package Previous Next IndexE 1