public final class

PBEWithMD5AndTripleDESCipher

extends CipherSpi
java.lang.Object
   ↳ javax.crypto.CipherSpi
     ↳ com.sun.crypto.provider.PBEWithMD5AndTripleDESCipher

Class Overview

This class implements a proprietary password-based encryption algorithm. It is based on password-based encryption as defined by the PKCS #5 standard, except that is uses triple DES instead of DES. Here's how this algorithm works: 1. Create random salt and split it in two halves. If the two halves are identical, invert one of them. 2. Concatenate password with each of the halves. 3. Digest each concatenation with c iterations, where c is the iterationCount. Concatenate the output from each digest round with the password, and use the result as the input to the next digest operation. The digest algorithm is MD5. 4. After c iterations, use the 2 resulting digests as follows: The 16 bytes of the first digest and the 1st 8 bytes of the 2nd digest form the triple DES key, and the last 8 bytes of the 2nd digest form the IV.

See Also

Summary

Public Constructors
PBEWithMD5AndTripleDESCipher()
Creates an instance of this cipher, and initializes its mode (CBC) and padding (PKCS5).
Protected Methods
byte[] engineDoFinal(byte[] input, int inputOffset, int inputLen)
Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation.
int engineDoFinal(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset)
Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation.
int engineGetBlockSize()
Returns the block size (in bytes).
byte[] engineGetIV()
Returns the initialization vector (IV) in a new buffer.
int engineGetKeySize(Key key)
Returns the key size of the given key object.
int engineGetOutputSize(int inputLen)
Returns the length in bytes that an output buffer would need to be in order to hold the result of the next update or doFinal operation, given the input length inputLen (in bytes).
AlgorithmParameters engineGetParameters()
Returns the parameters used with this cipher.
void engineInit(int opmode, Key key, AlgorithmParameters params, SecureRandom random)
Initializes this cipher with a key, a set of algorithm parameters, and a source of randomness.
void engineInit(int opmode, Key key, SecureRandom random)
Initializes this cipher with a key and a source of randomness.
void engineInit(int opmode, Key key, AlgorithmParameterSpec params, SecureRandom random)
Initializes this cipher with a key, a set of algorithm parameters, and a source of randomness.
void engineSetMode(String mode)
Sets the mode of this cipher.
void engineSetPadding(String paddingScheme)
Sets the padding mechanism of this cipher.
Key engineUnwrap(byte[] wrappedKey, String wrappedKeyAlgorithm, int wrappedKeyType)
Unwrap a previously wrapped key.
int engineUpdate(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset)
Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialized), processing another data part.
byte[] engineUpdate(byte[] input, int inputOffset, int inputLen)
Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialized), processing another data part.
byte[] engineWrap(Key key)
Wrap a key.
[Expand]
Inherited Methods
From class javax.crypto.CipherSpi
From class java.lang.Object

Public Constructors

public PBEWithMD5AndTripleDESCipher ()

Creates an instance of this cipher, and initializes its mode (CBC) and padding (PKCS5). Verify the SunJCE provider in the constructor.

Throws
NoSuchAlgorithmException if the required cipher mode (CBC) is unavailable
NoSuchPaddingException if the required padding mechanism (PKCS5Padding) is unavailable
SecurityException if fails to verify its own integrity

Protected Methods

protected byte[] engineDoFinal (byte[] input, int inputOffset, int inputLen)

Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation. The data is encrypted or decrypted, depending on how this cipher was initialized.

The first inputLen bytes in the input buffer, starting at inputOffset, and any input bytes that may have been buffered during a previous update operation, are processed, with padding (if requested) being applied. The result is stored in a new buffer.

The cipher is reset to its initial state (uninitialized) after this call.

Parameters
input the input buffer
inputOffset the offset in input where the input starts
inputLen the input length
Returns
  • the new buffer with the result
Throws
IllegalBlockSizeException if this cipher is a block cipher, no padding has been requested (only in encryption mode), and the total input length of the data processed by this cipher is not a multiple of block size
BadPaddingException if decrypting and padding is choosen, but the last input data does not have proper padding bytes.

protected int engineDoFinal (byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset)

Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation. The data is encrypted or decrypted, depending on how this cipher was initialized.

The first inputLen bytes in the input buffer, starting at inputOffset, and any input bytes that may have been buffered during a previous update operation, are processed, with padding (if requested) being applied. The result is stored in the output buffer, starting at outputOffset.

The cipher is reset to its initial state (uninitialized) after this call.

Parameters
input the input buffer
inputOffset the offset in input where the input starts
inputLen the input length
output the buffer for the result
outputOffset the offset in output where the result is stored
Returns
  • the number of bytes stored in output
Throws
IllegalBlockSizeException if this cipher is a block cipher, no padding has been requested (only in encryption mode), and the total input length of the data processed by this cipher is not a multiple of block size
ShortBufferException if the given output buffer is too small to hold the result
BadPaddingException if decrypting and padding is choosen, but the last input data does not have proper padding bytes.

protected int engineGetBlockSize ()

Returns the block size (in bytes).

Returns
  • the block size (in bytes)

protected byte[] engineGetIV ()

Returns the initialization vector (IV) in a new buffer.

This is useful in the case where a random IV has been created (see init), or in the context of password-based encryption or decryption, where the IV is derived from a user-supplied password.

Returns
  • the initialization vector in a new buffer, or null if the underlying algorithm does not use an IV, or if the IV has not yet been set.

protected int engineGetKeySize (Key key)

Returns the key size of the given key object.

Parameters
key the key object.
Returns
  • the key size of the given key object.
Throws
InvalidKeyException if key is invalid.

protected int engineGetOutputSize (int inputLen)

Returns the length in bytes that an output buffer would need to be in order to hold the result of the next update or doFinal operation, given the input length inputLen (in bytes).

This call takes into account any unprocessed (buffered) data from a previous update call, and padding.

The actual output length of the next update or doFinal call may be smaller than the length returned by this method.

Parameters
inputLen the input length (in bytes)
Returns
  • the required output buffer size (in bytes)

protected AlgorithmParameters engineGetParameters ()

Returns the parameters used with this cipher.

The returned parameters may be the same that were used to initialize this cipher, or may contain the default set of parameters or a set of randomly generated parameters used by the underlying cipher implementation (provided that the underlying cipher implementation uses a default set of parameters or creates new parameters if it needs parameters but was not initialized with any).

Returns
  • the parameters used with this cipher, or null if this cipher does not use any parameters.

protected void engineInit (int opmode, Key key, AlgorithmParameters params, SecureRandom random)

Initializes this cipher with a key, a set of algorithm parameters, and a source of randomness.

The cipher is initialized for one of the following four operations: encryption, decryption, key wrapping or key unwrapping, depending on the value of opmode.

If this cipher requires any algorithm parameters and params is null, the underlying cipher implementation is supposed to generate the required parameters itself (using provider-specific default or random values) if it is being initialized for encryption or key wrapping, and raise an InvalidAlgorithmParameterException if it is being initialized for decryption or key unwrapping. The generated parameters can be retrieved using engineGetParameters or engineGetIV (if the parameter is an IV).

If this cipher (including its underlying feedback or padding scheme) requires any random bytes (e.g., for parameter generation), it will get them from random.

Note that when a Cipher object is initialized, it loses all previously-acquired state. In other words, initializing a Cipher is equivalent to creating a new instance of that Cipher and initializing it.

Parameters
opmode the operation mode of this cipher (this is one of the following: ENCRYPT_MODE, DECRYPT_MODE, WRAP_MODE or UNWRAP_MODE)
key the encryption key
params the algorithm parameters
random the source of randomness

protected void engineInit (int opmode, Key key, SecureRandom random)

Initializes this cipher with a key and a source of randomness. The cipher is initialized for one of the following four operations: encryption, decryption, key wrapping or key unwrapping, depending on the value of opmode.

If this cipher (including its underlying feedback or padding scheme) requires any random bytes, it will get them from random.

Parameters
opmode the operation mode of this cipher (this is one of the following: ENCRYPT_MODE, DECRYPT_MODE), WRAP_MODE or UNWRAP_MODE)
key the encryption key
random the source of randomness
Throws
InvalidKeyException if the given key is inappropriate for initializing this cipher

protected void engineInit (int opmode, Key key, AlgorithmParameterSpec params, SecureRandom random)

Initializes this cipher with a key, a set of algorithm parameters, and a source of randomness. The cipher is initialized for encryption or decryption, depending on the value of opmode.

If this cipher (including its underlying feedback or padding scheme) requires any random bytes, it will get them from random.

Parameters
opmode the operation mode of this cipher (this is either ENCRYPT_MODE or DECRYPT_MODE)
key the encryption key
params the algorithm parameters
random the source of randomness
Throws
InvalidKeyException if the given key is inappropriate for initializing this cipher
InvalidAlgorithmParameterException if the given algorithm parameters are inappropriate for this cipher

protected void engineSetMode (String mode)

Sets the mode of this cipher. This algorithm can only be run in CBC mode.

Parameters
mode the cipher mode
Throws
NoSuchAlgorithmException if the requested cipher mode is invalid

protected void engineSetPadding (String paddingScheme)

Sets the padding mechanism of this cipher. This algorithm only uses PKCS #5 padding.

Parameters
paddingScheme the padding mechanism
Throws
NoSuchPaddingException if the requested padding mechanism is invalid

protected Key engineUnwrap (byte[] wrappedKey, String wrappedKeyAlgorithm, int wrappedKeyType)

Unwrap a previously wrapped key.

Parameters
wrappedKey the key to be unwrapped.
wrappedKeyAlgorithm the algorithm the wrapped key is for.
wrappedKeyType the type of the wrapped key. This is one of Cipher.SECRET_KEY, Cipher.PRIVATE_KEY, or Cipher.PUBLIC_KEY.
Returns
  • the unwrapped key.
Throws
NoSuchAlgorithmException if no installed providers can create keys of type wrappedKeyType for the wrappedKeyAlgorithm.
InvalidKeyException if wrappedKey does not represent a wrapped key of type wrappedKeyType for the wrappedKeyAlgorithm.

protected int engineUpdate (byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset)

Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialized), processing another data part.

The first inputLen bytes in the input buffer, starting at inputOffset, are processed, and the result is stored in the output buffer, starting at outputOffset.

Parameters
input the input buffer
inputOffset the offset in input where the input starts
inputLen the input length
output the buffer for the result
outputOffset the offset in output where the result is stored
Returns
  • the number of bytes stored in output
Throws
ShortBufferException if the given output buffer is too small to hold the result

protected byte[] engineUpdate (byte[] input, int inputOffset, int inputLen)

Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialized), processing another data part.

The first inputLen bytes in the input buffer, starting at inputOffset, are processed, and the result is stored in a new buffer.

Parameters
input the input buffer
inputOffset the offset in input where the input starts
inputLen the input length
Returns
  • the new buffer with the result

protected byte[] engineWrap (Key key)

Wrap a key.

Parameters
key the key to be wrapped.
Returns
  • the wrapped key.
Throws
IllegalBlockSizeException if this cipher is a block cipher, no padding has been requested, and the length of the encoding of the key to be wrapped is not a multiple of the block size.
InvalidKeyException if it is impossible or unsafe to wrap the key with this cipher (e.g., a hardware protected key is being passed to a software only cipher).