|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectjavax.crypto.CipherSpi
com.ibm.crypto.provider.PBEWithSHAAnd2KeyTripleDESCipher
public final class PBEWithSHAAnd2KeyTripleDESCipher
This class implements a proprietary password-based encryption algorithm. It is based on password-based encryption as defined by the PKCS #5 standard, except that is uses triple DES instead of DES. Here's how this algorithm works: 1. Create random salt and split it in two halves. If the two halves are identical, invert one of them. 2. Concatenate password with each of the halves. 3. Digest each concatenation with c iterations, where c is the iterationCount. Concatenate the output from each digest round with the password, and use the result as the input to the next digest operation. The digest algorithm is SHA. 4. After c iterations, use the 2 resulting digests as follows: The 16 bytes of the first digest and the 1st 8 bytes of the 2nd digest form the triple DES key, and the last 8 bytes of the 2nd digest form the IV.
Cipher
Field Summary | |
---|---|
protected DESedeCipher |
desCipher
|
protected int |
iCount
|
protected byte[] |
salt
|
Constructor Summary | |
---|---|
PBEWithSHAAnd2KeyTripleDESCipher()
Creates an instance of this cipher, and initializes its mode (CBC) and padding (PKCS5). |
Method Summary | |
---|---|
protected byte[] |
engineDoFinal(byte[] input,
int inputOffset,
int inputLen)
Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation. |
protected int |
engineDoFinal(byte[] input,
int inputOffset,
int inputLen,
byte[] output,
int outputOffset)
Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation. |
protected int |
engineGetBlockSize()
Returns the block size (in bytes). |
protected byte[] |
engineGetIV()
Returns the initialization vector (IV) in a new buffer. |
protected int |
engineGetKeySize(Key key)
Returns the key size of the given key object. |
protected int |
engineGetOutputSize(int inputLen)
Returns the length in bytes that an output buffer would need to be in order to hold the result of the next update or
doFinal operation, given the input length
inputLen (in bytes). |
protected AlgorithmParameters |
engineGetParameters()
Returns the parameters used with this cipher. |
protected void |
engineInit(int opmode,
Key key,
AlgorithmParameterSpec params,
SecureRandom random)
Initializes this cipher with a key, a set of algorithm parameters, and a source of randomness. |
protected void |
engineInit(int opmode,
Key key,
AlgorithmParameters params,
SecureRandom random)
Initializes this cipher with a key, a set of algorithm parameters, and a source of randomness. |
protected void |
engineInit(int opmode,
Key key,
SecureRandom random)
Initializes this cipher with a key and a source of randomness. |
protected void |
engineSetMode(String mode)
Sets the mode of this cipher. |
protected void |
engineSetPadding(String paddingScheme)
Sets the padding mechanism of this cipher. |
protected Key |
engineUnwrap(byte[] wrappedKey,
String wrappedKeyAlgorithm,
int wrappedKeyType)
Unwrap a previously wrapped key. |
protected byte[] |
engineUpdate(byte[] input,
int inputOffset,
int inputLen)
Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialized), processing another data part. |
protected int |
engineUpdate(byte[] input,
int inputOffset,
int inputLen,
byte[] output,
int outputOffset)
Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialized), processing another data part. |
protected byte[] |
engineWrap(Key key)
Wrap a key. |
Methods inherited from class javax.crypto.CipherSpi |
---|
engineDoFinal, engineUpdate |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
protected DESedeCipher desCipher
protected byte[] salt
protected int iCount
Constructor Detail |
---|
public PBEWithSHAAnd2KeyTripleDESCipher() throws NoSuchAlgorithmException, NoSuchPaddingException
NoSuchAlgorithmException
- if the required cipher mode (CBC) is
unavailable
NoSuchPaddingException
- if the required padding mechanism
(PKCS5Padding) is unavailableMethod Detail |
---|
protected void engineSetMode(String mode) throws NoSuchAlgorithmException
engineSetMode
in class CipherSpi
mode
- the cipher mode
NoSuchAlgorithmException
- if the requested cipher mode is
invalidprotected void engineSetPadding(String paddingScheme) throws NoSuchPaddingException
engineSetPadding
in class CipherSpi
padding
- the padding mechanism
NoSuchPaddingException
- if the requested padding mechanism
is invalidprotected int engineGetBlockSize()
engineGetBlockSize
in class CipherSpi
protected int engineGetOutputSize(int inputLen)
update
or
doFinal
operation, given the input length
inputLen
(in bytes).
This call takes into account any unprocessed (buffered) data from a
previous update
call, and padding.
The actual output length of the next update
or
doFinal
call may be smaller than the length returned by
this method.
engineGetOutputSize
in class CipherSpi
inputLen
- the input length (in bytes)
protected byte[] engineGetIV()
This is useful in the case where a random IV has been created (see init), or in the context of password-based encryption or decryption, where the IV is derived from a user-supplied password.
engineGetIV
in class CipherSpi
protected AlgorithmParameters engineGetParameters()
The returned parameters may be the same that were used to initialize this cipher, or may contain the default set of parameters or a set of randomly generated parameters used by the underlying cipher implementation (provided that the underlying cipher implementation uses a default set of parameters or creates new parameters if it needs parameters but was not initialized with any).
engineGetParameters
in class CipherSpi
protected void engineInit(int opmode, Key key, SecureRandom random) throws InvalidKeyException
opmode
.
If this cipher (including its underlying feedback or padding scheme)
requires any random bytes, it will get them from random
.
engineInit
in class CipherSpi
opmode
- the operation mode of this cipher (this is one of
the following:
ENCRYPT_MODE
, DECRYPT_MODE
),
WRAP_MODE
or UNWRAP_MODE
)key
- the encryption keyrandom
- the source of randomness
InvalidKeyException
- if the given key is inappropriate for
initializing this cipherprotected void engineInit(int opmode, Key key, AlgorithmParameterSpec params, SecureRandom random) throws InvalidKeyException, InvalidAlgorithmParameterException
opmode
.
If this cipher (including its underlying feedback or padding scheme)
requires any random bytes, it will get them from random
.
engineInit
in class CipherSpi
opmode
- the operation mode of this cipher (this is one of
the following:
ENCRYPT_MODE
, DECRYPT_MODE
),
WRAP_MODE
or UNWRAP_MODE
)key
- the encryption keyparams
- the algorithm parametersrandom
- the source of randomness
InvalidKeyException
- if the given key is inappropriate for
initializing this cipher
InvalidAlgorithmParameterException
- if the given algorithm
parameters are inappropriate for this cipherprotected void engineInit(int opmode, Key key, AlgorithmParameters params, SecureRandom random) throws InvalidKeyException, InvalidAlgorithmParameterException
CipherSpi
The cipher is initialized for one of the following four operations:
encryption, decryption, key wrapping or key unwrapping, depending on
the value of opmode
.
If this cipher requires any algorithm parameters and
params
is null, the underlying cipher implementation is
supposed to generate the required parameters itself (using
provider-specific default or random values) if it is being
initialized for encryption or key wrapping, and raise an
InvalidAlgorithmParameterException
if it is being
initialized for decryption or key unwrapping.
The generated parameters can be retrieved using
engineGetParameters
or
engineGetIV
(if the parameter is an IV).
If this cipher (including its underlying feedback or padding scheme)
requires any random bytes (e.g., for parameter generation), it will get
them from random
.
Note that when a Cipher object is initialized, it loses all previously-acquired state. In other words, initializing a Cipher is equivalent to creating a new instance of that Cipher and initializing it.
engineInit
in class CipherSpi
opmode
- the operation mode of this cipher (this is one of
the following:
ENCRYPT_MODE
, DECRYPT_MODE
,
WRAP_MODE
or UNWRAP_MODE
)key
- the encryption keyparams
- the algorithm parametersrandom
- the source of randomness
InvalidKeyException
- if the given key is inappropriate for
initializing this cipher
InvalidAlgorithmParameterException
- if the given algorithm
parameters are inappropriate for this cipher,
or if this cipher is being initialized for decryption and requires
algorithm parameters and params
is null.protected byte[] engineUpdate(byte[] input, int inputOffset, int inputLen)
The first inputLen
bytes in the input
buffer, starting at inputOffset
, are processed, and the
result is stored in a new buffer.
engineUpdate
in class CipherSpi
input
- the input bufferinputOffset
- the offset in input
where the input
startsinputLen
- the input length
protected int engineUpdate(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset) throws ShortBufferException
The first inputLen
bytes in the input
buffer, starting at inputOffset
, are processed, and the
result is stored in the output
buffer, starting at
outputOffset
.
engineUpdate
in class CipherSpi
input
- the input bufferinputOffset
- the offset in input
where the input
startsinputLen
- the input lengthoutput
- the buffer for the resultoutputOffset
- the offset in output
where the result
is stored
output
ShortBufferException
- if the given output buffer is too small
to hold the resultprotected byte[] engineDoFinal(byte[] input, int inputOffset, int inputLen) throws IllegalBlockSizeException, BadPaddingException
The first inputLen
bytes in the input
buffer, starting at inputOffset
, and any input bytes that
may have been buffered during a previous update
operation,
are processed, with padding (if requested) being applied.
The result is stored in a new buffer.
The cipher is reset to its initial state (uninitialized) after this call.
engineDoFinal
in class CipherSpi
input
- the input bufferinputOffset
- the offset in input
where the input
startsinputLen
- the input length
IllegalBlockSizeException
- if this cipher is a block cipher,
no padding has been requested (only in encryption mode), and the total
input length of the data processed by this cipher is not a multiple of
block size
BadPaddingException
- if decrypting and padding is choosen,
but the last input data does not have proper padding bytes.protected int engineDoFinal(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset) throws ShortBufferException, IllegalBlockSizeException, BadPaddingException
The first inputLen
bytes in the input
buffer, starting at inputOffset
, and any input bytes that
may have been buffered during a previous update
operation,
are processed, with padding (if requested) being applied.
The result is stored in the output
buffer, starting at
outputOffset
.
The cipher is reset to its initial state (uninitialized) after this call.
engineDoFinal
in class CipherSpi
input
- the input bufferinputOffset
- the offset in input
where the input
startsinputLen
- the input lengthoutput
- the buffer for the resultoutputOffset
- the offset in output
where the result
is stored
output
IllegalBlockSizeException
- if this cipher is a block cipher,
no padding has been requested (only in encryption mode), and the total
input length of the data processed by this cipher is not a multiple of
block size
ShortBufferException
- if the given output buffer is too small
to hold the result
BadPaddingException
- if decrypting and padding is choosen,
but the last input data does not have proper padding bytes.protected int engineGetKeySize(Key key) throws InvalidKeyException
engineGetKeySize
in class CipherSpi
key
- the key object.
InvalidKeyException
- if key
is invalid.protected byte[] engineWrap(Key key) throws IllegalBlockSizeException, InvalidKeyException
engineWrap
in class CipherSpi
key
- the key to be wrapped.
IllegalBlockSizeException
- if this cipher is a block
cipher, no padding has been requested, and the length of the
encoding of the key to be wrapped is not a
multiple of the block size.
InvalidKeyException
- if it is impossible or unsafe to
wrap the key with this cipher (e.g., a hardware protected key is
being passed to a software only cipher).protected Key engineUnwrap(byte[] wrappedKey, String wrappedKeyAlgorithm, int wrappedKeyType) throws InvalidKeyException, NoSuchAlgorithmException
engineUnwrap
in class CipherSpi
wrappedKey
- the key to be unwrapped.wrappedKeyAlgorithm
- the algorithm the wrapped key is for.wrappedKeyType
- the type of the wrapped key.
This is one of Cipher.SECRET_KEY
,
Cipher.PRIVATE_KEY
, or Cipher.PUBLIC_KEY
.
InvalidKeyException
- if wrappedKey
does not
represent a wrapped key, or if the algorithm associated with the
wrapped key is different from wrappedKeyAlgorithm
and/or its key type is different from wrappedKeyType
.
NoSuchAlgorithmException
- if no installed providers
can create keys for the wrappedKeyAlgorithm
.
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |