Skip navigation links

Oracle Fusion Middleware Crypto Java API Reference for Oracle Security Developer Tools
11g Release 1 (11.1.1)

E10668-05


oracle.security.crypto.core
Class RSApkcs1

java.lang.Object
  extended by oracle.security.crypto.core.Coder
      extended by oracle.security.crypto.core.Cipher
          extended by oracle.security.crypto.core.RSApkcs1


public final class RSApkcs1
extends Cipher

An implementation of PKCS#1 v2.0 that supports the following encryption schemes: RSAES-OAEP, and RSAES-PKCS1-v1_5. According to the specification, RSAES-OAEP is recommended for new applications, and RSAES-PKCS1-v1_5 is included only for compatiblity with existing applications and protocols. The encryption schemes are used to combine RSA encryption and decryption primitives with an encoding method. Encryption and decryption can only be done through the methods encrypt(byte[]) and decrypt(byte[]).

RSApkcs1 relies on the RSA class to perform the raw encryption/decryption operation.

For greater security, it is considered a good practice to use a given key pair with only one encryption scheme, and use a different key pair if a second scheme is to be used in a different situation.

Since:
2.0
See Also:
OAEPAlgorithmIdentifier, RSA

Field Summary

 

Fields inherited from class oracle.security.crypto.core.Cipher
CBC, ECB, key, mode, rbs

 

Constructor Summary
RSApkcs1()
          Creates an uninitialized RSApkcs1 instance.

 

Method Summary
 java.lang.String algName()
          Returns the encryption scheme as a string.
 byte[] decrypt(byte[] input, int inOff, int len, boolean unpad)
          Decrypts a sequence of bytes of specified length.
 void decrypt(byte[] input, int inOff, int len, byte[] output, int outOff)
          Decrypts a sequence of bytes of specified length and places the original plaintext message in the given output buffer starting at the given offset.
 byte[] encrypt(byte[] input, int inOff, int len, boolean pad)
          Encrypts a sequence of bytes of specified length.
 void encrypt(byte[] input, int inOff, int len, byte[] output, int outOff)
          Encrypts a sequence of bytes of specified length and places the resulting ciphertext in the given output buffer starting at the given offset.
 void erase()
          Erases any sensitive information (such as buffers and subkey tables) stored in this cipher object.
 AlgorithmIdentifier getAlgID()
          Builds an AlgorithmIdentifier that is a "snapshot" of the Cipher's current configuration.
 int getBlockSize()
          Returns 0, because this is not a block cipher.
 void initialize(AlgorithmIdentifier algID, Key key, RandomBitsSource rbs)
          This method initializes the cipher with the given AlgorithmIdentifier and then configures itself with the given key and RandomBitsSource.
 PrivateKey unwrapPrivateKey(byte[] key)
          Always throws a CipherException -- cannot unwrap a private key using this cipher.
 SymmetricKey unwrapSymmetricKey(byte[] encKey, AlgorithmIdentifier algID)
          Unwraps a symmetric key using this cipher.
 byte[] wrapKey(PrivateKey key)
          Always throws a CipherException -- cannot wrap a private key using this cipher.
 byte[] wrapKey(SymmetricKey key)
          Wraps a symmetric key using this cipher.

 

Methods inherited from class oracle.security.crypto.core.Cipher
assertDecryption, assertEncryption, assertKeyUnwrap, assertKeyWrap, cloneKey, decodeOp, decrypt, decrypt, decrypt, encodeOp, encrypt, encrypt, encrypt, finalize, getInstance, getInstance, getInstance, getInstance, getInstance, getInstance, getIV, getMode, getPaddingID, initialize, initialize, initialize, releaseOp

 

Methods inherited from class oracle.security.crypto.core.Coder
decode, decode, encode, encode

 

Methods inherited from class java.lang.Object
clone, equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

 

Constructor Detail

RSApkcs1

public RSApkcs1()
Creates an uninitialized RSApkcs1 instance. To use the Cipher, it must be initialized with a Key and algorithm parameters, usually in the form of an AlgorithmIdentifier.

By default, the encoding method is PKCS #1 v1.5 for backwards compatability.

Method Detail

initialize

public void initialize(AlgorithmIdentifier algID,
                       Key key,
                       RandomBitsSource rbs)
                throws AlgorithmIdentifierException,
                       InvalidKeyException
This method initializes the cipher with the given AlgorithmIdentifier and then configures itself with the given key and RandomBitsSource.
Specified by:
initialize in class Cipher
Parameters:
algID - The AlgorithmIdentifier whose params will be used to configure the cipher.
key - The Key instance that will be used by the cipher internally.
rbs - The RandomBitsSource that the Cipher uses during encryption operations. If null is provided, the Cipher will call RandomBitsSource.getDefault() when it is required.
Throws:
AlgorithmIdentifierException - If the algID's OID isn't valid for the Cipher instance being initialized or if the params are not valid for the algID's OID.
InvalidKeyException - If there is a problem with the Key instance the Cipher is being initialized with.

decrypt

public byte[] decrypt(byte[] input,
                      int inOff,
                      int len,
                      boolean unpad)
               throws CipherException
Decrypts a sequence of bytes of specified length.
Specified by:
decrypt in class Cipher
Parameters:
input - Buffer in which data to be decrypted is stored.
inOff - Offset within buffer of the start of data.
len - The length of the data.
unpad - Ignored because encoding data is not optional in RSA Encryption.
Returns:
The decrypted bytes.
Throws:
CipherException - If cipher not initialized, data is not a multiple of the block size and no padding is specified, etc.

decrypt

public void decrypt(byte[] input,
                    int inOff,
                    int len,
                    byte[] output,
                    int outOff)
             throws CipherException
Decrypts a sequence of bytes of specified length and places the original plaintext message in the given output buffer starting at the given offset. This method will not attempt to pad the input.
Specified by:
decrypt in class Cipher
Parameters:
input - Array of bytes to decrypt.
inOff - Offset of the start of the data to decrypt.
len - The length of the data to decrypt.
output - Array to place the decrypted bytes.
outOff - Offset of the start of the decrypted bytes.
Throws:
CipherException - If there is a problem with the decryption process or if the cipher was not initialized for decryption.

encrypt

public byte[] encrypt(byte[] input,
                      int inOff,
                      int len,
                      boolean pad)
               throws CipherException
Encrypts a sequence of bytes of specified length.
Specified by:
encrypt in class Cipher
Parameters:
input - Buffer in which data to be encrypted is stored.
inOff - Offset within buffer of the start of the data.
len - The length of the data.
pad - Ignored because encoding data is not optional in RSA Encryption.
Returns:
The encrypted bytes.
Throws:
CipherException - If cipher not initialized, data is not a multiple of the block size and no padding is specified, etc.

encrypt

public void encrypt(byte[] input,
                    int inOff,
                    int len,
                    byte[] output,
                    int outOff)
             throws CipherException
Encrypts a sequence of bytes of specified length and places the resulting ciphertext in the given output buffer starting at the given offset. This method will not attempt to unpad the result.
Specified by:
encrypt in class Cipher
Parameters:
input - Array of bytes to encrypt.
inOff - Offset of the start of data to encrypt.
len - The length of the data to encrypt.
output - Array to place the encrypted bytes.
outOff - Offset of the start of the encrypted bytes.
Throws:
CipherException - If there are problems with the encryption operation or if the Cipher was not initialized for encryption.

wrapKey

public byte[] wrapKey(PrivateKey key)
               throws CipherException
Always throws a CipherException -- cannot wrap a private key using this cipher.
Specified by:
wrapKey in class Cipher
Parameters:
key - The private key to wrap.
Returns:
The encrypted key.
Throws:
CipherException - If the Cipher was not initialized, if the Cipher was used for wrapping without being re-initialized or if an error occurred during the wrapping process.

wrapKey

public byte[] wrapKey(SymmetricKey key)
               throws CipherException
Wraps a symmetric key using this cipher.
Specified by:
wrapKey in class Cipher
Parameters:
key - The symmetric key to wrap.
Returns:
The encrypted key.
Throws:
CipherException - If the Cipher was not initialized, if the Cipher was used for wrapping without being re-initialized or if an error occurred during the wrapping process.

unwrapPrivateKey

public PrivateKey unwrapPrivateKey(byte[] key)
                            throws CipherException
Always throws a CipherException -- cannot unwrap a private key using this cipher.
Specified by:
unwrapPrivateKey in class Cipher
Parameters:
key - The encrypted key.
Returns:
The unwrapped symmetric key.
Throws:
CipherException - If the Cipher was not initialized, if the Cipher was used for unwrapping without being re-initialized or if an error occurred during the decryption process.

unwrapSymmetricKey

public SymmetricKey unwrapSymmetricKey(byte[] encKey,
                                       AlgorithmIdentifier algID)
                                throws CipherException
Unwraps a symmetric key using this cipher.
Specified by:
unwrapSymmetricKey in class Cipher
Parameters:
encKey - The encrypted key.
algID - The algorithm identifier of the wrapped symmetric key.
Returns:
The unwrapped private key.
Throws:
CipherException - If the Cipher was not initialized, if the Cipher was used for unwrapping without being re-initialized or if an error occurred during the encryption process.

getAlgID

public AlgorithmIdentifier getAlgID()
Builds an AlgorithmIdentifier that is a "snapshot" of the Cipher's current configuration.

Altering this AlgorithmIdentifier will have no effect on the state of the Cipher.

Specified by:
getAlgID in class Cipher
Returns:
An AlgorithmIdentifier that is a "snapshot" of the Cipher's current configuration.

algName

public java.lang.String algName()
Returns the encryption scheme as a string.
Specified by:
algName in class Coder

getBlockSize

public int getBlockSize()
Returns 0, because this is not a block cipher.
Specified by:
getBlockSize in class Cipher
Returns:
0 because this is not a block cipher.

erase

public void erase()
Description copied from class: Cipher
Erases any sensitive information (such as buffers and subkey tables) stored in this cipher object. Additionally, this will erase the reference of the cipher's key.
Overrides:
erase in class Cipher

Skip navigation links

Oracle Fusion Middleware Crypto Java API Reference for Oracle Security Developer Tools
11g Release 1 (11.1.1)

E10668-05


Copyright © 2005, 2013, Oracle. All rights reserved.