| java.lang.Object | ||
| ↳ | javax.crypto.CipherSpi | |
| ↳ | com.sun.crypto.provider.RSACipher | |
Class Overview
RSA cipher implementation. Supports RSA en/decryption and signing/verifying using PKCS#1 v1.5 padding and without padding (raw RSA). Note that raw RSA is supported mostly for completeness and should only be used in rare cases. Objects should be instantiated by calling Cipher.getInstance() using the following algorithm names: . "RSA/ECB/PKCS1Padding" (or "RSA") for PKCS#1 padding. The mode (blocktype) is selected based on the en/decryption mode and public/private key used . "RSA/ECB/NoPadding" for rsa RSA. We only do one RSA operation per doFinal() call. If the application passes more data via calls to update() or doFinal(), we throw an IllegalBlockSizeException when doFinal() is called (see JCE API spec). Bulk encryption using RSA does not make sense and is not standardized. Note: RSA keys should be at least 512 bits long
Summary
| Public Constructors | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Protected Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Encrypts or decrypts data in a single-part operation,
or finishes a multiple-part operation.
| |||||||||||
Encrypts or decrypts data in a single-part operation,
or finishes a multiple-part operation.
| |||||||||||
Returns the block size (in bytes).
| |||||||||||
Returns the initialization vector (IV) in a new buffer.
| |||||||||||
Returns the key size of the given key object in bits.
| |||||||||||
Returns the length in bytes that an output buffer would
need to be in order to hold the result of the next
update
or doFinal operation, given the input length
inputLen (in bytes). | |||||||||||
Returns the parameters used with this cipher.
| |||||||||||
Initializes this cipher with a key, a set of
algorithm parameters, and a source of randomness.
| |||||||||||
Initializes this cipher with a key and a source
of randomness.
| |||||||||||
Initializes this cipher with a key, a set of
algorithm parameters, and a source of randomness.
| |||||||||||
Sets the mode of this cipher.
| |||||||||||
Sets the padding mechanism of this cipher.
| |||||||||||
Unwrap a previously wrapped key.
| |||||||||||
Continues a multiple-part encryption or decryption operation
(depending on how this cipher was initialized), processing another data
part.
| |||||||||||
Continues a multiple-part encryption or decryption operation
(depending on how this cipher was initialized), processing another data
part.
| |||||||||||
Wrap a key.
| |||||||||||
|
[Expand]
Inherited Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
From class
javax.crypto.CipherSpi
| |||||||||||
|
From class
java.lang.Object
| |||||||||||
Public Constructors
public RSACipher ()
Protected Methods
protected byte[] engineDoFinal (byte[] in, int inOfs, int inLen)
Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation. The data is encrypted or decrypted, depending on how this cipher was initialized.
The first inputLen bytes in the input
buffer, starting at inputOffset inclusive, and any input
bytes that may have been buffered during a previous update
operation, are processed, with padding (if requested) being applied.
The result is stored in a new buffer.
Upon finishing, this method resets this cipher object to the state
it was in when previously initialized via a call to
engineInit.
That is, the object is reset and available to encrypt or decrypt
(depending on the operation mode that was specified in the call to
engineInit) more data.
Note: if any exception is thrown, this cipher object may need to be reset before it can be used again.
Parameters
| in | the input buffer |
|---|---|
| inOfs | the offset in input where the input
starts |
| inLen | the input length |
Returns
- the new buffer with the result
protected int engineDoFinal (byte[] in, int inOfs, int inLen, byte[] out, int outOfs)
Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation. The data is encrypted or decrypted, depending on how this cipher was initialized.
The first inputLen bytes in the input
buffer, starting at inputOffset inclusive, and any input
bytes that may have been buffered during a previous update
operation, are processed, with padding (if requested) being applied.
The result is stored in the output buffer, starting at
outputOffset inclusive.
If the output buffer is too small to hold the result,
a ShortBufferException is thrown.
Upon finishing, this method resets this cipher object to the state
it was in when previously initialized via a call to
engineInit.
That is, the object is reset and available to encrypt or decrypt
(depending on the operation mode that was specified in the call to
engineInit) more data.
Note: if any exception is thrown, this cipher object may need to be reset before it can be used again.
Parameters
| in | the input buffer |
|---|---|
| inOfs | the offset in input where the input
starts |
| inLen | the input length |
| out | the buffer for the result |
| outOfs | the offset in output where the result
is stored |
Returns
- the number of bytes stored in
output
protected int engineGetBlockSize ()
Returns the block size (in bytes).
Returns
- the block size (in bytes), or 0 if the underlying algorithm is not a block cipher
protected byte[] engineGetIV ()
Returns the initialization vector (IV) in a new buffer.
This is useful in the context of password-based encryption or decryption, where the IV is derived from a user-provided passphrase.
Returns
- the initialization vector in a new buffer, or null if the underlying algorithm does not use an IV, or if the IV has not yet been set.
protected int engineGetKeySize (Key key)
Returns the key size of the given key object in bits.
This concrete method has been added to this previously-defined
abstract class. It throws an UnsupportedOperationException
if it is not overridden by the provider.
Parameters
| key | the key object. |
|---|
Returns
- the key size of the given key object.
Throws
| InvalidKeyException |
|---|
protected int engineGetOutputSize (int inputLen)
Returns the length in bytes that an output buffer would
need to be in order to hold the result of the next update
or doFinal operation, given the input length
inputLen (in bytes).
This call takes into account any unprocessed (buffered) data from a
previous update call, and padding.
The actual output length of the next update or
doFinal call may be smaller than the length returned by
this method.
Parameters
| inputLen | the input length (in bytes) |
|---|
Returns
- the required output buffer size (in bytes)
protected AlgorithmParameters engineGetParameters ()
Returns the parameters used with this cipher.
The returned parameters may be the same that were used to initialize this cipher, or may contain a combination of default and random parameter values used by the underlying cipher implementation if this cipher requires algorithm parameters but was not initialized with any.
Returns
- the parameters used with this cipher, or null if this cipher does not use any parameters.
protected void engineInit (int opmode, Key key, AlgorithmParameters params, SecureRandom random)
Initializes this cipher with a key, a set of algorithm parameters, and a source of randomness.
The cipher is initialized for one of the following four operations:
encryption, decryption, key wrapping or key unwrapping, depending on
the value of opmode.
If this cipher requires any algorithm parameters and
params is null, the underlying cipher implementation is
supposed to generate the required parameters itself (using
provider-specific default or random values) if it is being
initialized for encryption or key wrapping, and raise an
InvalidAlgorithmParameterException if it is being
initialized for decryption or key unwrapping.
The generated parameters can be retrieved using
engineGetParameters or
engineGetIV (if the parameter is an IV).
If this cipher (including its underlying feedback or padding scheme)
requires any random bytes (e.g., for parameter generation), it will get
them from random.
Note that when a Cipher object is initialized, it loses all previously-acquired state. In other words, initializing a Cipher is equivalent to creating a new instance of that Cipher and initializing it.
Parameters
| opmode | the operation mode of this cipher (this is one of
the following:
ENCRYPT_MODE, DECRYPT_MODE,
WRAP_MODE or UNWRAP_MODE) |
|---|---|
| key | the encryption key |
| params | the algorithm parameters |
| random | the source of randomness |
protected void engineInit (int opmode, Key key, SecureRandom random)
Initializes this cipher with a key and a source of randomness.
The cipher is initialized for one of the following four operations:
encryption, decryption, key wrapping or key unwrapping, depending on
the value of opmode.
If this cipher requires any algorithm parameters that cannot be
derived from the given key, the underlying cipher
implementation is supposed to generate the required parameters itself
(using provider-specific default or random values) if it is being
initialized for encryption or key wrapping, and raise an
InvalidKeyException if it is being
initialized for decryption or key unwrapping.
The generated parameters can be retrieved using
engineGetParameters or
engineGetIV (if the parameter is an IV).
If this cipher (including its underlying feedback or padding scheme)
requires any random bytes (e.g., for parameter generation), it will get
them from random.
Note that when a Cipher object is initialized, it loses all previously-acquired state. In other words, initializing a Cipher is equivalent to creating a new instance of that Cipher and initializing it.
Parameters
| opmode | the operation mode of this cipher (this is one of
the following:
ENCRYPT_MODE, DECRYPT_MODE,
WRAP_MODE or UNWRAP_MODE) |
|---|---|
| key | the encryption key |
| random | the source of randomness |
Throws
| InvalidKeyException |
|---|
protected void engineInit (int opmode, Key key, AlgorithmParameterSpec params, SecureRandom random)
Initializes this cipher with a key, a set of algorithm parameters, and a source of randomness.
The cipher is initialized for one of the following four operations:
encryption, decryption, key wrapping or key unwrapping, depending on
the value of opmode.
If this cipher requires any algorithm parameters and
params is null, the underlying cipher implementation is
supposed to generate the required parameters itself (using
provider-specific default or random values) if it is being
initialized for encryption or key wrapping, and raise an
InvalidAlgorithmParameterException if it is being
initialized for decryption or key unwrapping.
The generated parameters can be retrieved using
engineGetParameters or
engineGetIV (if the parameter is an IV).
If this cipher (including its underlying feedback or padding scheme)
requires any random bytes (e.g., for parameter generation), it will get
them from random.
Note that when a Cipher object is initialized, it loses all previously-acquired state. In other words, initializing a Cipher is equivalent to creating a new instance of that Cipher and initializing it.
Parameters
| opmode | the operation mode of this cipher (this is one of
the following:
ENCRYPT_MODE, DECRYPT_MODE,
WRAP_MODE or UNWRAP_MODE) |
|---|---|
| key | the encryption key |
| params | the algorithm parameters |
| random | the source of randomness |
protected void engineSetMode (String mode)
protected void engineSetPadding (String paddingName)
Sets the padding mechanism of this cipher.
Parameters
| paddingName | the padding mechanism |
|---|
Throws
| NoSuchPaddingException |
|---|
protected Key engineUnwrap (byte[] wrappedKey, String algorithm, int type)
Unwrap a previously wrapped key.
This concrete method has been added to this previously-defined abstract class. (For backwards compatibility, it cannot be abstract.) It may be overridden by a provider to unwrap a previously wrapped key. Such an override is expected to throw an InvalidKeyException if the given wrapped key cannot be unwrapped. If this method is not overridden, it always throws an UnsupportedOperationException.
Parameters
| wrappedKey | the key to be unwrapped. |
|---|---|
| algorithm | the algorithm associated with the wrapped key. |
| type | the type of the wrapped key. This is one of
SECRET_KEY, PRIVATE_KEY, or
PUBLIC_KEY. |
Returns
- the unwrapped key.
protected int engineUpdate (byte[] in, int inOfs, int inLen, byte[] out, int outOfs)
Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialized), processing another data part.
The first inputLen bytes in the input
buffer, starting at inputOffset inclusive, are processed,
and the result is stored in the output buffer, starting at
outputOffset inclusive.
If the output buffer is too small to hold the result,
a ShortBufferException is thrown.
Parameters
| in | the input buffer |
|---|---|
| inOfs | the offset in input where the input
starts |
| inLen | the input length |
| out | the buffer for the result |
| outOfs | the offset in output where the result
is stored |
Returns
- the number of bytes stored in
output
protected byte[] engineUpdate (byte[] in, int inOfs, int inLen)
Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialized), processing another data part.
The first inputLen bytes in the input
buffer, starting at inputOffset inclusive, are processed,
and the result is stored in a new buffer.
Parameters
| in | the input buffer |
|---|---|
| inOfs | the offset in input where the input
starts |
| inLen | the input length |
Returns
- the new buffer with the result, or null if the underlying cipher is a block cipher and the input data is too short to result in a new block.
protected byte[] engineWrap (Key key)
Wrap a key.
This concrete method has been added to this previously-defined abstract class. (For backwards compatibility, it cannot be abstract.) It may be overridden by a provider to wrap a key. Such an override is expected to throw an IllegalBlockSizeException or InvalidKeyException (under the specified circumstances), if the given key cannot be wrapped. If this method is not overridden, it always throws an UnsupportedOperationException.
Parameters
| key | the key to be wrapped. |
|---|
Returns
- the wrapped key.