RSApkcs1 (Oracle Fusion Middleware Crypto Java API Reference)

Overview

Package

Class

Tree

Deprecated

Index

Help

Oracle Fusion Middleware Crypto Java API Reference for Oracle Security Developer Tools
11g Release 1 (11.1.1)
E10668-04

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

oracle.security.crypto.core
Class RSApkcs1

java.lang.Object oracle.security.crypto.core.Coder oracle.security.crypto.core.Cipher oracle.security.crypto.core.RSApkcs1

public final class RSApkcs1

extends Cipher

An implementation of PKCS#1 v2.0 that supports the following encryption schemes: RSAES-OAEP, and RSAES-PKCS1-v1_5. According to the specification, RSAES-OAEP is recommended for new applications, and RSAES-PKCS1-v1_5 is included only for compatiblity with existing applications and protocols. The encryption schemes are used to combine RSA encryption and decryption primitives with an encoding method. Encryption and decryption can only be done through the methods encrypt(byte[]) and decrypt(byte[]).

RSApkcs1 relies on the RSA class to perform the raw encryption/decryption operation.

For greater security, it is considered a good practice to use a given key pair with only one encryption scheme, and use a different key pair if a second scheme is to be used in a different situation.

Since:: 2.0
See Also:: OAEPAlgorithmIdentifier, RSA

Field Summary

Fields inherited from class oracle.security.crypto.core.Cipher
`CBC, ECB, key, mode, rbs`

Constructor Summary
`RSApkcs1()` Creates an uninitialized RSApkcs1 instance.

Method Summary
`java.lang.String`	`algName()` Returns the encryption scheme as a string.
`byte[]`	`decrypt(byte[] input, int inOff, int len, boolean unpad)` Decrypts a sequence of bytes of specified length.
`void`	`decrypt(byte[] input, int inOff, int len, byte[] output, int outOff)` Decrypts a sequence of bytes of specified length and places the original plaintext message in the given output buffer starting at the given offset.
`byte[]`	`encrypt(byte[] input, int inOff, int len, boolean pad)` Encrypts a sequence of bytes of specified length.
`void`	`encrypt(byte[] input, int inOff, int len, byte[] output, int outOff)` Encrypts a sequence of bytes of specified length and places the resulting ciphertext in the given output buffer starting at the given offset.
`void`	`erase()` Erases any sensitive information (such as buffers and subkey tables) stored in this cipher object.
`AlgorithmIdentifier`	`getAlgID()` Builds an AlgorithmIdentifier that is a "snapshot" of the Cipher's current configuration.
`int`	`getBlockSize()` Returns 0, because this is not a block cipher.
`void`	`initialize(AlgorithmIdentifier algID, Key key, RandomBitsSource rbs)` This method initializes the cipher with the given AlgorithmIdentifier and then configures itself with the given key and RandomBitsSource.
`PrivateKey`	`unwrapPrivateKey(byte[] key)` Always throws a CipherException -- cannot unwrap a private key using this cipher.
`SymmetricKey`	`unwrapSymmetricKey(byte[] encKey, AlgorithmIdentifier algID)` Unwraps a symmetric key using this cipher.
`byte[]`	`wrapKey(PrivateKey key)` Always throws a CipherException -- cannot wrap a private key using this cipher.
`byte[]`	`wrapKey(SymmetricKey key)` Wraps a symmetric key using this cipher.

Methods inherited from class oracle.security.crypto.core.Cipher
`assertDecryption, assertEncryption, assertKeyUnwrap, assertKeyWrap, cloneKey, decodeOp, decrypt, decrypt, decrypt, encodeOp, encrypt, encrypt, encrypt, finalize, getInstance, getInstance, getInstance, getInstance, getInstance, getInstance, getIV, getMode, getPaddingID, initialize, initialize, initialize, releaseOp`

Methods inherited from class oracle.security.crypto.core.Coder
`decode, decode, encode, encode`

Methods inherited from class java.lang.Object
`clone, equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

RSApkcs1

public RSApkcs1()

Creates an uninitialized RSApkcs1 instance. To use the Cipher, it must be initialized with a Key and algorithm parameters, usually in the form of an AlgorithmIdentifier.

By default, the encoding method is PKCS #1 v1.5 for backwards compatability.

Method Detail

initialize

public void initialize(AlgorithmIdentifier algID,
                       Key key,
                       RandomBitsSource rbs)
                throws AlgorithmIdentifierException,
                       InvalidKeyException

This method initializes the cipher with the given AlgorithmIdentifier and then configures itself with the given key and RandomBitsSource.

Specified by:: initialize in class Cipher

Parameters:: algID - The AlgorithmIdentifier whose params will be used to configure the cipher.; key - The Key instance that will be used by the cipher internally.; rbs - The RandomBitsSource that the Cipher uses during encryption operations. If null is provided, the Cipher will call RandomBitsSource.getDefault() when it is required.
Throws:: AlgorithmIdentifierException - If the algID's OID isn't valid for the Cipher instance being initialized or if the params are not valid for the algID's OID.; InvalidKeyException - If there is a problem with the Key instance the Cipher is being initialized with.

decrypt

public byte[] decrypt(byte[] input,
                      int inOff,
                      int len,
                      boolean unpad)
               throws CipherException

Decrypts a sequence of bytes of specified length.

Specified by:: decrypt in class Cipher

Parameters:: input - Buffer in which data to be decrypted is stored.; inOff - Offset within buffer of the start of data.; len - The length of the data.; unpad - Ignored because encoding data is not optional in RSA Encryption.
Returns:: The decrypted bytes.
Throws:: CipherException - If cipher not initialized, data is not a multiple of the block size and no padding is specified, etc.

decrypt

public void decrypt(byte[] input,
                    int inOff,
                    int len,
                    byte[] output,
                    int outOff)
             throws CipherException

Decrypts a sequence of bytes of specified length and places the original plaintext message in the given output buffer starting at the given offset. This method will not attempt to pad the input.

Specified by:: decrypt in class Cipher

Parameters:: input - Array of bytes to decrypt.; inOff - Offset of the start of the data to decrypt.; len - The length of the data to decrypt.; output - Array to place the decrypted bytes.; outOff - Offset of the start of the decrypted bytes.
Throws:: CipherException - If there is a problem with the decryption process or if the cipher was not initialized for decryption.

encrypt

public byte[] encrypt(byte[] input,
                      int inOff,
                      int len,
                      boolean pad)
               throws CipherException

Encrypts a sequence of bytes of specified length.

Specified by:: encrypt in class Cipher

Parameters:: input - Buffer in which data to be encrypted is stored.; inOff - Offset within buffer of the start of the data.; len - The length of the data.; pad - Ignored because encoding data is not optional in RSA Encryption.
Returns:: The encrypted bytes.
Throws:: CipherException - If cipher not initialized, data is not a multiple of the block size and no padding is specified, etc.

encrypt

public void encrypt(byte[] input,
                    int inOff,
                    int len,
                    byte[] output,
                    int outOff)
             throws CipherException

Encrypts a sequence of bytes of specified length and places the resulting ciphertext in the given output buffer starting at the given offset. This method will not attempt to unpad the result.

Specified by:: encrypt in class Cipher

Parameters:: input - Array of bytes to encrypt.; inOff - Offset of the start of data to encrypt.; len - The length of the data to encrypt.; output - Array to place the encrypted bytes.; outOff - Offset of the start of the encrypted bytes.
Throws:: CipherException - If there are problems with the encryption operation or if the Cipher was not initialized for encryption.

wrapKey

public byte[] wrapKey(PrivateKey key)
               throws CipherException

Always throws a CipherException -- cannot wrap a private key using this cipher.

Specified by:: wrapKey in class Cipher

Parameters:: key - The private key to wrap.
Returns:: The encrypted key.
Throws:: CipherException - If the Cipher was not initialized, if the Cipher was used for wrapping without being re-initialized or if an error occurred during the wrapping process.

wrapKey

public byte[] wrapKey(SymmetricKey key)
               throws CipherException

Wraps a symmetric key using this cipher.

Specified by:: wrapKey in class Cipher

Parameters:: key - The symmetric key to wrap.
Returns:: The encrypted key.
Throws:: CipherException - If the Cipher was not initialized, if the Cipher was used for wrapping without being re-initialized or if an error occurred during the wrapping process.

unwrapPrivateKey

public PrivateKey unwrapPrivateKey(byte[] key)
                            throws CipherException

Always throws a CipherException -- cannot unwrap a private key using this cipher.

Specified by:: unwrapPrivateKey in class Cipher

Parameters:: key - The encrypted key.
Returns:: The unwrapped symmetric key.
Throws:: CipherException - If the Cipher was not initialized, if the Cipher was used for unwrapping without being re-initialized or if an error occurred during the decryption process.

unwrapSymmetricKey

public SymmetricKey unwrapSymmetricKey(byte[] encKey,
                                       AlgorithmIdentifier algID)
                                throws CipherException

Unwraps a symmetric key using this cipher.

Specified by:: unwrapSymmetricKey in class Cipher

Parameters:: encKey - The encrypted key.; algID - The algorithm identifier of the wrapped symmetric key.
Returns:: The unwrapped private key.
Throws:: CipherException - If the Cipher was not initialized, if the Cipher was used for unwrapping without being re-initialized or if an error occurred during the encryption process.

getAlgID

public AlgorithmIdentifier getAlgID()

Builds an AlgorithmIdentifier that is a "snapshot" of the Cipher's current configuration.

Altering this AlgorithmIdentifier will have no effect on the state of the Cipher.

Specified by:: getAlgID in class Cipher

Returns:: An AlgorithmIdentifier that is a "snapshot" of the Cipher's current configuration.

algName

public java.lang.String algName()

Returns the encryption scheme as a string.

Specified by:: algName in class Coder

getBlockSize

public int getBlockSize()

Returns 0, because this is not a block cipher.

Specified by:: getBlockSize in class Cipher

Returns:: 0 because this is not a block cipher.

erase

public void erase()

Description copied from class: Cipher

Erases any sensitive information (such as buffers and subkey tables) stored in this cipher object. Additionally, this will erase the reference of the cipher's key.

Overrides:: erase in class Cipher

Overview

Package

Class

Tree

Deprecated

Index

Help

Oracle Fusion Middleware Crypto Java API Reference for Oracle Security Developer Tools
11g Release 1 (11.1.1)
E10668-04

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

oracle.security.crypto.core Class RSApkcs1

RSApkcs1

initialize

decrypt

decrypt

encrypt

encrypt

wrapKey

wrapKey

unwrapPrivateKey

unwrapSymmetricKey

getAlgID

algName

getBlockSize

erase

oracle.security.crypto.core
Class RSApkcs1