com.ibm.crypto.provider
Class PBEWithSHAAnd128BitRC4

java.lang.Object
  extended by javax.crypto.CipherSpi
      extended by com.ibm.crypto.provider.PBEWithSHAAnd128BitRC4

public final class PBEWithSHAAnd128BitRC4
extends CipherSpi

This class represents password-based encryption as defined by the PKCS #5 standard. The particular algorithm implemented is pbeWithSHA1AndRC4-CBC. Padding is done as described in PKCS #5.

See Also:
Cipher

Field Summary
protected  int iCount
           
protected  RC4 rc4cipher
           
protected  byte[] salt
           
 
Constructor Summary
PBEWithSHAAnd128BitRC4()
          Creates an instance of this cipher, and initializes its mode (CBC) and padding (PKCS5).
 
Method Summary
protected  byte[] engineDoFinal(byte[] input, int inputOffset, int inputLen)
          Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation.
protected  int engineDoFinal(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset)
          Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation.
protected  int engineGetBlockSize()
          Returns the block size (in bytes).
protected  byte[] engineGetIV()
          Returns the initialization vector (IV) in a new buffer.
protected  int engineGetKeySize(Key key)
          Returns the key size of the given key object.
protected  int engineGetOutputSize(int inputLen)
          Returns the length in bytes that an output buffer would need to be in order to hold the result of the next update or doFinal operation, given the input length inputLen (in bytes).
protected  AlgorithmParameters engineGetParameters()
          Returns the parameters used with this cipher.
protected  void engineInit(int opmode, Key key, AlgorithmParameterSpec params, SecureRandom random)
          Initializes this cipher with a key, a set of algorithm parameters, and a source of randomness.
protected  void engineInit(int opmode, Key key, AlgorithmParameters params, SecureRandom random)
          Initializes this cipher with a key, a set of algorithm parameters, and a source of randomness.
protected  void engineInit(int opmode, Key key, SecureRandom random)
          Initializes this cipher with a key and a source of randomness.
protected  void engineSetMode(String mode)
          Sets the mode of this cipher.
protected  void engineSetPadding(String paddingScheme)
          Sets the padding mechanism of this cipher.
protected  Key engineUnwrap(byte[] wrappedKey, String wrappedKeyAlgorithm, int wrappedKeyType)
          Unwrap a previously wrapped key.
protected  byte[] engineUpdate(byte[] input, int inputOffset, int inputLen)
          Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialized), processing another data part.
protected  int engineUpdate(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset)
          Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialized), processing another data part.
protected  byte[] engineWrap(Key key)
          Wrap a key.
 
Methods inherited from class javax.crypto.CipherSpi
engineDoFinal, engineUpdate
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

rc4cipher

protected RC4 rc4cipher

salt

protected byte[] salt

iCount

protected int iCount
Constructor Detail

PBEWithSHAAnd128BitRC4

public PBEWithSHAAnd128BitRC4()
                       throws NoSuchAlgorithmException,
                              NoSuchPaddingException
Creates an instance of this cipher, and initializes its mode (CBC) and padding (PKCS5).

Throws:
NoSuchAlgorithmException - if the required cipher mode (CBC) is unavailable
NoSuchPaddingException - if the required padding mechanism (PKCS5Padding) is unavailable
Method Detail

engineSetMode

protected void engineSetMode(String mode)
                      throws NoSuchAlgorithmException
Sets the mode of this cipher. This algorithm can only be run in CBC mode.

Specified by:
engineSetMode in class CipherSpi
Parameters:
mode - the cipher mode
Throws:
NoSuchAlgorithmException - if the requested cipher mode is invalid

engineSetPadding

protected void engineSetPadding(String paddingScheme)
                         throws NoSuchPaddingException
Sets the padding mechanism of this cipher. This algorithm only uses PKCS #5 padding.

Specified by:
engineSetPadding in class CipherSpi
Parameters:
padding - the padding mechanism
Throws:
NoSuchPaddingException - if the requested padding mechanism is invalid

engineGetBlockSize

protected int engineGetBlockSize()
Returns the block size (in bytes).

Specified by:
engineGetBlockSize in class CipherSpi
Returns:
the block size (in bytes)

engineGetOutputSize

protected int engineGetOutputSize(int inputLen)
Returns the length in bytes that an output buffer would need to be in order to hold the result of the next update or doFinal operation, given the input length inputLen (in bytes).

This call takes into account any unprocessed (buffered) data from a previous update call, and padding.

The actual output length of the next update or doFinal call may be smaller than the length returned by this method.

Specified by:
engineGetOutputSize in class CipherSpi
Parameters:
inputLen - the input length (in bytes)
Returns:
the required output buffer size (in bytes)

engineGetIV

protected byte[] engineGetIV()
Returns the initialization vector (IV) in a new buffer.

This is useful in the case where a random IV has been created (see init), or in the context of password-based encryption or decryption, where the IV is derived from a user-supplied password.

Specified by:
engineGetIV in class CipherSpi
Returns:
the initialization vector in a new buffer, or null if the underlying algorithm does not use an IV, or if the IV has not yet been set.

engineGetParameters

protected AlgorithmParameters engineGetParameters()
Returns the parameters used with this cipher.

The returned parameters may be the same that were used to initialize this cipher, or may contain the default set of parameters or a set of randomly generated parameters used by the underlying cipher implementation (provided that the underlying cipher implementation uses a default set of parameters or creates new parameters if it needs parameters but was not initialized with any).

Specified by:
engineGetParameters in class CipherSpi
Returns:
the parameters used with this cipher, or null if this cipher does not use any parameters.

engineInit

protected void engineInit(int opmode,
                          Key key,
                          SecureRandom random)
                   throws InvalidKeyException
Initializes this cipher with a key and a source of randomness. The cipher is initialized for one of the following four operations: encryption, decryption, key wrapping or key unwrapping, depending on the value of opmode.

If this cipher (including its underlying feedback or padding scheme) requires any random bytes, it will get them from random.

Specified by:
engineInit in class CipherSpi
Parameters:
opmode - the operation mode of this cipher (this is one of the following: ENCRYPT_MODE, DECRYPT_MODE), WRAP_MODE or UNWRAP_MODE)
key - the encryption key
random - the source of randomness
Throws:
InvalidKeyException - if the given key is inappropriate for initializing this cipher

engineInit

protected void engineInit(int opmode,
                          Key key,
                          AlgorithmParameterSpec params,
                          SecureRandom random)
                   throws InvalidKeyException,
                          InvalidAlgorithmParameterException
Initializes this cipher with a key, a set of algorithm parameters, and a source of randomness. The cipher is initialized for one of the following four operations: encryption, decryption, key wrapping or key unwrapping, depending on the value of opmode.

If this cipher (including its underlying feedback or padding scheme) requires any random bytes, it will get them from random.

Specified by:
engineInit in class CipherSpi
Parameters:
opmode - the operation mode of this cipher (this is one of the following: ENCRYPT_MODE, DECRYPT_MODE), WRAP_MODE or UNWRAP_MODE)
key - the encryption key
params - the algorithm parameters
random - the source of randomness
Throws:
InvalidKeyException - if the given key is inappropriate for initializing this cipher
InvalidAlgorithmParameterException - if the given algorithm parameters are inappropriate for this cipher

engineInit

protected void engineInit(int opmode,
                          Key key,
                          AlgorithmParameters params,
                          SecureRandom random)
                   throws InvalidKeyException,
                          InvalidAlgorithmParameterException
Description copied from class: CipherSpi
Initializes this cipher with a key, a set of algorithm parameters, and a source of randomness.

The cipher is initialized for one of the following four operations: encryption, decryption, key wrapping or key unwrapping, depending on the value of opmode.

If this cipher requires any algorithm parameters and params is null, the underlying cipher implementation is supposed to generate the required parameters itself (using provider-specific default or random values) if it is being initialized for encryption or key wrapping, and raise an InvalidAlgorithmParameterException if it is being initialized for decryption or key unwrapping. The generated parameters can be retrieved using engineGetParameters or engineGetIV (if the parameter is an IV).

If this cipher (including its underlying feedback or padding scheme) requires any random bytes (e.g., for parameter generation), it will get them from random.

Note that when a Cipher object is initialized, it loses all previously-acquired state. In other words, initializing a Cipher is equivalent to creating a new instance of that Cipher and initializing it.

Specified by:
engineInit in class CipherSpi
Parameters:
opmode - the operation mode of this cipher (this is one of the following: ENCRYPT_MODE, DECRYPT_MODE, WRAP_MODE or UNWRAP_MODE)
key - the encryption key
params - the algorithm parameters
random - the source of randomness
Throws:
InvalidKeyException - if the given key is inappropriate for initializing this cipher
InvalidAlgorithmParameterException - if the given algorithm parameters are inappropriate for this cipher, or if this cipher is being initialized for decryption and requires algorithm parameters and params is null.

engineUpdate

protected byte[] engineUpdate(byte[] input,
                              int inputOffset,
                              int inputLen)
Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialized), processing another data part.

The first inputLen bytes in the input buffer, starting at inputOffset, are processed, and the result is stored in a new buffer.

Specified by:
engineUpdate in class CipherSpi
Parameters:
input - the input buffer
inputOffset - the offset in input where the input starts
inputLen - the input length
Returns:
the new buffer with the result

engineUpdate

protected int engineUpdate(byte[] input,
                           int inputOffset,
                           int inputLen,
                           byte[] output,
                           int outputOffset)
                    throws ShortBufferException
Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialized), processing another data part.

The first inputLen bytes in the input buffer, starting at inputOffset, are processed, and the result is stored in the output buffer, starting at outputOffset.

Specified by:
engineUpdate in class CipherSpi
Parameters:
input - the input buffer
inputOffset - the offset in input where the input starts
inputLen - the input length
output - the buffer for the result
outputOffset - the offset in output where the result is stored
Returns:
the number of bytes stored in output
Throws:
ShortBufferException - if the given output buffer is too small to hold the result

engineDoFinal

protected byte[] engineDoFinal(byte[] input,
                               int inputOffset,
                               int inputLen)
                        throws IllegalBlockSizeException,
                               BadPaddingException
Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation. The data is encrypted or decrypted, depending on how this cipher was initialized.

The first inputLen bytes in the input buffer, starting at inputOffset, and any input bytes that may have been buffered during a previous update operation, are processed, with padding (if requested) being applied. The result is stored in a new buffer.

The cipher is reset to its initial state (uninitialized) after this call.

Specified by:
engineDoFinal in class CipherSpi
Parameters:
input - the input buffer
inputOffset - the offset in input where the input starts
inputLen - the input length
Returns:
the new buffer with the result
Throws:
IllegalBlockSizeException - if this cipher is a block cipher, no padding has been requested (only in encryption mode), and the total input length of the data processed by this cipher is not a multiple of block size
BadPaddingException - if decrypting and padding is choosen, but the last input data does not have proper padding bytes.

engineDoFinal

protected int engineDoFinal(byte[] input,
                            int inputOffset,
                            int inputLen,
                            byte[] output,
                            int outputOffset)
                     throws ShortBufferException,
                            IllegalBlockSizeException,
                            BadPaddingException
Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation. The data is encrypted or decrypted, depending on how this cipher was initialized.

The first inputLen bytes in the input buffer, starting at inputOffset, and any input bytes that may have been buffered during a previous update operation, are processed, with padding (if requested) being applied. The result is stored in the output buffer, starting at outputOffset.

The cipher is reset to its initial state (uninitialized) after this call.

Specified by:
engineDoFinal in class CipherSpi
Parameters:
input - the input buffer
inputOffset - the offset in input where the input starts
inputLen - the input length
output - the buffer for the result
outputOffset - the offset in output where the result is stored
Returns:
the number of bytes stored in output
Throws:
IllegalBlockSizeException - if this cipher is a block cipher, no padding has been requested (only in encryption mode), and the total input length of the data processed by this cipher is not a multiple of block size
ShortBufferException - if the given output buffer is too small to hold the result
BadPaddingException - if decrypting and padding is choosen, but the last input data does not have proper padding bytes.

engineGetKeySize

protected int engineGetKeySize(Key key)
                        throws InvalidKeyException
Returns the key size of the given key object.

Overrides:
engineGetKeySize in class CipherSpi
Parameters:
key - the key object.
Returns:
the key size of the given key object.
Throws:
InvalidKeyException - if key is invalid.

engineWrap

protected byte[] engineWrap(Key key)
                     throws IllegalBlockSizeException,
                            InvalidKeyException
Wrap a key.

Overrides:
engineWrap in class CipherSpi
Parameters:
key - the key to be wrapped.
Returns:
the wrapped key.
Throws:
IllegalBlockSizeException - if this cipher is a block cipher, no padding has been requested, and the length of the encoding of the key to be wrapped is not a multiple of the block size.
InvalidKeyException - if it is impossible or unsafe to wrap the key with this cipher (e.g., a hardware protected key is being passed to a software only cipher).

engineUnwrap

protected Key engineUnwrap(byte[] wrappedKey,
                           String wrappedKeyAlgorithm,
                           int wrappedKeyType)
                    throws InvalidKeyException,
                           NoSuchAlgorithmException
Unwrap a previously wrapped key.

Overrides:
engineUnwrap in class CipherSpi
Parameters:
wrappedKey - the key to be unwrapped.
wrappedKeyAlgorithm - the algorithm the wrapped key is for.
wrappedKeyType - the type of the wrapped key. This is one of Cipher.SECRET_KEY, Cipher.PRIVATE_KEY, or Cipher.PUBLIC_KEY.
Returns:
the unwrapped key.
Throws:
InvalidKeyException - if wrappedKey does not represent a wrapped key, or if the algorithm associated with the wrapped key is different from wrappedKeyAlgorithm and/or its key type is different from wrappedKeyType.
NoSuchAlgorithmException - if no installed providers can create keys for the wrappedKeyAlgorithm.