|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object | +--javax.crypto.Cipher
This class provides the functionality of a cryptographic cipher for encryption and decryption. It forms the core of the Java Cryptographic Extension (JCE) framework.
In order to create a Cipher object, the application calls the Cipher's getInstance method, and passes the name of the requested transformation to it. Optionally, the name of a provider may be specified.
A transformation is a string that describes the operation (or set of operations) to be performed on the given input, to produce some output. A transformation always includes the name of a cryptographic algorithm (e.g., DES), and may be followed by a feedback mode and padding scheme. A transformation is of the form: algorithm or algorithm/mode/padding (in the former case, defaults are used for mode and padding). For example, DES/CBC/PKCS5Padding represents a valid transformation.
KeyGenerator
,
SecretKey
,
java.security.KeyPairGenerator
,
PublicKey
,
PrivateKey
,
AlgorithmParameters
,
AlgorithmParameterSpec
Field Summary | |
static int |
DECRYPT_MODE
|
static int |
ENCRYPT_MODE
|
Constructor Summary | |
protected |
Cipher(CipherSpi cipherSpi,
Provider provider,
String transformation)
Creates a Cipher object. |
Method Summary | |
byte[] |
doFinal()
Finishes a multiple-part encryption or decryption operation, depending on how this cipher was initialized. |
byte[] |
doFinal(byte[] input)
Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation. |
int |
doFinal(byte[] output,
int outputOffset)
Finishes a multiple-part encryption or decryption operation, depending on how this cipher was initialized. |
byte[] |
doFinal(byte[] input,
int inputOffset,
int inputLen)
Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation. |
int |
doFinal(byte[] input,
int inputOffset,
int inputLen,
byte[] output)
Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation. |
int |
doFinal(byte[] input,
int inputOffset,
int inputLen,
byte[] output,
int outputOffset)
Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation. |
String |
getAlgorithm()
Returns the algorithm name of this Cipher object. |
int |
getBlockSize()
Returns the block size (in bytes). |
static Cipher |
getInstance(String transformation)
Creates a Cipher object that implements the specified algorithm, as supplied by the default provider. |
static Cipher |
getInstance(String transformation,
String provider)
Creates a Cipher object that implements the specified transformation, as supplied by the specified provider. |
byte[] |
getIV()
Returns the initialization vector (IV) in a new buffer. |
int |
getOutputSize(int inputLen)
Returns the length in bytes that an output buffer would need to be in order to hold the result of the next update or doFinal operation, given the input length inputLen (in bytes). |
AlgorithmParameters |
getParameters()
Returns the parameters used with this cipher. |
Provider |
getProvider()
Returns the provider of this Cipher object. |
void |
init(int opmode,
Key key)
Initializes this cipher with a key. |
void |
init(int opmode,
Key key,
AlgorithmParameters params)
Initializes this cipher with a key and a set of algorithm parameters. |
void |
init(int opmode,
Key key,
AlgorithmParameterSpec params)
Initializes this cipher with a key and a set of algorithm parameters. |
void |
init(int opmode,
Key key,
AlgorithmParameterSpec params,
SecureRandom random)
Initializes this cipher with a key, a set of algorithm parameters, and a source of randomness. |
void |
init(int opmode,
Key key,
AlgorithmParameters params,
SecureRandom random)
Initializes this cipher with a key, a set of algorithm parameters, and a source of randomness. |
void |
init(int opmode,
Key key,
SecureRandom random)
Initializes this cipher with a key and a source of randomness. |
byte[] |
update(byte[] input)
Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialized), processing another data part. |
byte[] |
update(byte[] input,
int inputOffset,
int inputLen)
Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialized), processing another data part. |
int |
update(byte[] input,
int inputOffset,
int inputLen,
byte[] output)
Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialized), processing another data part. |
int |
update(byte[] input,
int inputOffset,
int inputLen,
byte[] output,
int outputOffset)
Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialized), processing another data part. |
Methods inherited from class java.lang.Object |
clone,
equals,
finalize,
getClass,
hashCode,
notify,
notifyAll,
toString,
wait,
wait,
wait |
Field Detail |
public static final int ENCRYPT_MODE
public static final int DECRYPT_MODE
Constructor Detail |
protected Cipher(CipherSpi cipherSpi, Provider provider, String transformation)
cipherSpi
- the delegateprovider
- the providertransformation
- the transformationMethod Detail |
public static final Cipher getInstance(String transformation) throws NoSuchAlgorithmException, NoSuchPaddingException
transformation
- the string representation of the requested
transformation, e.g., DES/CBC/PKCS5Paddingpublic static final Cipher getInstance(String transformation, String provider) throws NoSuchAlgorithmException, NoSuchProviderException, NoSuchPaddingException
transformation
- the string representation of the requested
transformation, e.g., DES/CBC/PKCS5Paddingprovider
- the name of the cipher providerProvider
public final String getAlgorithm()
Returns the algorithm name of this Cipher object.
This is the same name that was specified in one of the getInstance calls that created this Cipher object.
public final Provider getProvider()
public void init(int opmode, Key key) throws InvalidKeyException
Initializes this cipher with a key. The cipher is initialized for encryption or decryption, depending on the value of opmode.
If this cipher requires an initialization vector (IV), it will get it from a system-provided source of randomness. The random IV can be retrieved using getIV. This behaviour should only be used in encryption mode, however. When initializing a cipher that requires an IV for decryption, the IV (same IV that was used for encryption) must be provided explicitly as a parameter, in order to get the correct result.
Note that when a Cipher object is initialized, it loses all previously-acquired state. In other words, initializing a Cipher is equivalent to creating a new instance of that Cipher, and initializing it.
opmode
- the operation mode of this cipher (this is
either ENCRYPT_MODE or DECRYPT_MODE)key
- the keypublic void init(int opmode, Key key, SecureRandom random) throws InvalidKeyException
Initializes this cipher with a key and a source of randomness.
The cipher is initialized for encryption or decryption, depending on the value of opmode.
If this cipher requires an initialization vector (IV), it will get it from random. The random IV can be retrieved using getIV. This behaviour should only be used in encryption mode, however. When initializing a cipher that requires an IV for decryption, the IV (same IV that was used for encryption) must be provided explicitly as a parameter, in order to get the correct result.
Note that when a Cipher object is initialized, it loses all previously-acquired state. In other words, initializing a Cipher is equivalent to creating a new instance of that Cipher, and initializing it.
opmode
- the operation mode of this cipher (this is
either ENCRYPT_MODE or DECRYPT_MODE)key
- the keyrandom
- the source of randomnesspublic void init(int opmode, Key key, AlgorithmParameterSpec params) throws InvalidKeyException, InvalidAlgorithmParameterException
Initializes this cipher with a key and a set of algorithm parameters.
The cipher is initialized for encryption or decryption, depending on the value of opmode.
Note that when a Cipher object is initialized, it loses all previously-acquired state. In other words, initializing a Cipher is equivalent to creating a new instance of that Cipher, and initializing it.
opmode
- the operation mode of this cipher (this is
either ENCRYPT_MODE or DECRYPT_MODE)key
- the keyparams
- the algorithm parameterspublic void init(int opmode, Key key, AlgorithmParameterSpec params, SecureRandom random) throws InvalidKeyException, InvalidAlgorithmParameterException
Initializes this cipher with a key, a set of algorithm parameters, and a source of randomness.
The cipher is initialized for encryption or decryption, depending on the value of opmode.
If this cipher (including its underlying feedback or padding scheme) requires any random bytes, it will get them from random.
Note that when a Cipher object is initialized, it loses all previously-acquired state. In other words, initializing a Cipher is equivalent to creating a new instance of that Cipher, and initializing it.
opmode
- the operation mode of this cipher (this is
either ENCRYPT_MODE or DECRYPT_MODE)key
- the keyparams
- the algorithm parametersrandom
- the source of randomnesspublic void init(int opmode, Key key, AlgorithmParameters params, SecureRandom random) throws InvalidKeyException, InvalidAlgorithmParameterException
Initializes this cipher with a key, a set of algorithm parameters, and a source of randomness.
The cipher is initialized for encryption or decryption, depending on the value of opmode.
If this cipher requires any algorithm parameters and params is null, the underlying cipher implementation is supposed to generate the required parameters itself (using provider-specific default or random values) if it is being initialized for encryption, and raise an InvalidAlgorithmParameterException if it is being initialized for decryption. The generated parameters can be retrieved using getParameters or getIV (if the parameter is an IV).
If this cipher (including its underlying feedback or padding scheme) requires any random bytes (eg. for parameter generation), it will get them from random.
Note that when a Cipher object is initialized, it loses all previously-acquired state. In other words, initializing a Cipher is equivalent to creating a new instance of that Cipher, and initializing it.
opmode
- the operation mode of this cipher (this is
either ENCRYPT_MODE or DECRYPT_MODE)key
- the keyparams
- the algorithm parametersrandom
- the source of randomnesspublic void init(int opmode, Key key, AlgorithmParameters params) throws InvalidKeyException, InvalidAlgorithmParameterException
Initializes this cipher with a key and a set of algorithm parameters.
The cipher is initialized for encryption or decryption, depending on the value of opmode.
If this cipher requires any algorithm parameters and params is null, the underlying cipher implementation is supposed to generate the required parameters itself (using provider-specific default or random values) if it is being initialized for encryption, and raise an InvalidAlgorithmParameterException if it is being initialized for decryption. The generated parameters can be retrieved using getParameters or getIV (if the parameter is an IV).
If this cipher (including its underlying feedback or padding scheme) requires any random bytes (e.g., for parameter generation), it will get them using the SecureRandom implementation of the highest-priority installed provider as the source of randomness. (If none of the installed providers supply an implementation of SecureRandom, a system-provided source of randomness will be used.)
Note that when a Cipher object is initialized, it loses all previously-acquired state. In other words, initializing a Cipher is equivalent to creating a new instance of that Cipher, and initializing it.
opmode
- the operation mode of this cipher (this is
either ENCRYPT_MODE or DECRYPT_MODE)key
- the keyparams
- the algorithm parameterspublic int getBlockSize()
public int getOutputSize(int inputLen) throws IllegalStateException
Returns the length in bytes that an output buffer would need to be in order to hold the result of the next update or doFinal operation, given the input length inputLen (in bytes).
This call takes into account any unprocessed (buffered) data from a previous update call, and padding.
The actual output length of the next update or doFinal call may be smaller than the length returned by this method.
inputLen
- - the input length (in bytes)public byte[] getIV()
Returns the initialization vector (IV) in a new buffer.
This is useful in the case where a random IV has been created (see init), or in the context of password-based encryption or decryption, where the IV is derived from a user-provided passphrase.
public byte[] update(byte[] input) throws IllegalStateException
Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialized), processing another data part.
The bytes in the input buffer are processed, and the result is stored in a new buffer.
input
- - the input bufferpublic byte[] update(byte[] input, int inputOffset, int inputLen) throws IllegalStateException
Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialized), processing another data part.
The first inputLen bytes in the input buffer, starting at inputOffset, are processed, and the result is stored in a new buffer.
input
- the input bufferinputOffset
- the offset in input where the input startsinputLen
- the input lengthpublic int update(byte[] input, int inputOffset, int inputLen, byte[] output) throws IllegalStateException, ShortBufferException
Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialized), processing another data part.
The first inputLen bytes in the input buffer, starting at inputOffset, are processed, and the result is stored in the output buffer.
If the output buffer is too small to hold the result, a ShortBufferException is thrown. In this case, repeat this call with a larger output buffer. Use getOutputSize to determine how big the output buffer should be.
input
- the input bufferinputOffset
- the offset in input where the input startsinputLen
- the input lengthoutput
- the buffer for the resultpublic int update(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset) throws IllegalStateException, ShortBufferException
Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialized), processing another data part.
The first inputLen bytes in the input buffer, starting at inputOffset, are processed, and the result is stored in the output buffer, starting at outputOffset.
If the output buffer is too small to hold the result, a ShortBufferException is thrown. In this case, repeat this call with a larger output buffer. Use getOutputSize to determine how big the output buffer should be.
input
- the input bufferinputOffset
- the offset in input where the input startsinputLen
- the input lengthoutput
- the buffer for the resultoutputOffset
- the offset in output where the result is storedpublic byte[] doFinal() throws IllegalStateException, IllegalBlockSizeException, BadPaddingException
Finishes a multiple-part encryption or decryption operation, depending on how this cipher was initialized.
Input data that may have been buffered during a previous update operation is processed, with padding (if requested) being applied. The result is stored in a new buffer.
A call to this method resets this cipher object to the state it was in when previously initialized via a call to init. That is, the object is reset and available to encrypt or decrypt (depending on the operation mode that was specified in the call to init) more data.
public byte[] doFinal(byte[] input) throws IllegalStateException, IllegalBlockSizeException, BadPaddingException
Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation. The data is encrypted or decrypted, depending on how this cipher was initialized.
The bytes in the input buffer, and any input bytes that may have been buffered during a previous update operation, are processed, with padding (if requested) being applied. The result is stored in a new buffer.
A call to this method resets this cipher object to the state it was in when previously initialized via a call to init. That is, the object is reset and available to encrypt or decrypt (depending on the operation mode that was specified in the call to init) more data.
input
- the input bufferpublic int doFinal(byte[] output, int outputOffset) throws IllegalStateException, IllegalBlockSizeException, ShortBufferException, BadPaddingException
Finishes a multiple-part encryption or decryption operation, depending on how this cipher was initialized.
Input data that may have been buffered during a previous update operation is processed, with padding (if requested) being applied. The result is stored in a new buffer.
If the output buffer is too small to hold the result, a ShortBufferException is thrown. In this case, repeat this call with a larger output buffer. Use getOutputSize to determine how big the output buffer should be.
A call to this method resets this cipher object to the state it was in when previously initialized via a call to init. That is, the object is reset and available to encrypt or decrypt (depending on the operation mode that was specified in the call to init) more data.
input
- the input bufferoutputOffset
- the offset in output where the result is storedpublic byte[] doFinal(byte[] input, int inputOffset, int inputLen) throws IllegalStateException, IllegalBlockSizeException, BadPaddingException
Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation. The data is encrypted or decrypted, depending on how this cipher was initialized.
The first inputLen bytes in the input buffer, starting at inputOffset, and any input bytes that may have been buffered during a previous update operation, are processed, with padding (if requested) being applied. The result is stored in a new buffer.
A call to this method resets this cipher object to the state it was in when previously initialized via a call to init. That is, the object is reset and available to encrypt or decrypt (depending on the operation mode that was specified in the call to init) more data.
input
- the input bufferinputOffset
- the offset in input where the input startsinputLen
- the input lengthpublic int doFinal(byte[] input, int inputOffset, int inputLen, byte[] output) throws IllegalStateException, ShortBufferException, IllegalBlockSizeException, BadPaddingException
Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation. The data is encrypted or decrypted, depending on how this cipher was initialized.
The first inputLen bytes in the input buffer, starting at inputOffset, and any input bytes that may have been buffered during a previous update operation, are processed, with padding (if requested) being applied. The result is stored in the output buffer.
If the output buffer is too small to hold the result, a ShortBufferException is thrown. In this case, repeat this call with a larger output buffer. Use getOutputSize to determine how big the output buffer should be.
A call to this method resets this cipher object to the state it was in when previously initialized via a call to init. That is, the object is reset and available to encrypt or decrypt (depending on the operation mode that was specified in the call to init) more data.
input
- the input bufferinputOffset
- the offset in input where the input startsinputLen
- the input lengthoutput
- the buffer for the resultpublic int doFinal(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset) throws IllegalStateException, ShortBufferException, IllegalBlockSizeException, BadPaddingException
Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation. The data is encrypted or decrypted, depending on how this cipher was initialized.
The first inputLen bytes in the input buffer, starting at inputOffset, and any input bytes that may have been buffered during a previous update operation, are processed, with padding (if requested) being applied. The result is stored in the output buffer, starting at outputOffset.
If the output buffer is too small to hold the result, a ShortBufferException is thrown. In this case, repeat this call with a larger output buffer. Use getOutputSize to determine how big the output buffer should be.
A call to this method resets this cipher object to the state it was in when previously initialized via a call to init. That is, the object is reset and available to encrypt or decrypt (depending on the operation mode that was specified in the call to init) more data.
input
- the input bufferinputOffset
- the offset in input where the input startsinputLen
- the input lengthoutput
- the buffer for the resultoutputOffset
- the offset in output where the result is
storedpublic final AlgorithmParameters getParameters()
The returned parameters may be the same that were used to initialize this cipher, or may contain the default set of parameters or a set of randomly generated parameters used by the underlying cipher implementation (provided that the underlying cipher implementation uses a default set of parameters or creates new parameters if it needs parameters but was not initialized with any).
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |