Class Cipher
- java.lang.Object
  - javacardx.crypto.Cipher
- Direct Known Subclasses: AEADCipher, Cipher.OneShot
public abstract class Cipher extends Object
The Cipher class is the abstract base class for Cipher algorithms. Implementations of Cipher algorithms must extend this class and implement all the abstract methods.
The term "pad" is used in the public key cipher algorithms below to refer to all the operations specified in the referenced scheme to transform the message block into the cipher block size.
The asymmetric key algorithms encrypt using either a public key (to cipher) or a private key (to sign). In addition they decrypt using either a private key (to decipher) or a public key (to verify). However, usage of some padding schemes, such as PKCS#1-OAEP, is intended for encryption or decryption operations only, and therefore should be limited to their intended purpose.
A tear or card reset event resets an initialized Cipher object to the state it was in when previously initialized via a call to init(). For algorithms which support keys with transient key data sets, such as DES, triple DES, AES, and Korean SEED, the Cipher object key becomes uninitialized on clear events associated with the Key object used to initialize the Cipher object.
Even if a transaction is in progress, update of intermediate result state in the implementation instance shall not participate in the transaction.
Note:
- On a tear or card reset event, the AES, DES, triple DES and Korean SEED algorithms in CBC mode reset the initial vector (IV) to 0. The initial vector (IV) can be re-initialized using the init(Key, byte, byte[], short, short) method.
-
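As an added example (not part of the Java Card API documentation), the helper below shows one way an applet can account for the reset behaviour described above: the AES key lives in a transient key object, the helper checks that the key is still initialized, and it passes an explicit IV to init(Key, byte, byte[], short, short) before every message instead of relying on state left over from an earlier init(). The package name, class name and choice of status words are assumptions.

```java
package example.cipherdemo; // hypothetical package name

import javacard.framework.ISO7816;
import javacard.framework.ISOException;
import javacard.security.AESKey;
import javacard.security.CryptoException;
import javacard.security.KeyBuilder;
import javacardx.crypto.Cipher;

/** Added illustration: AES-CBC without padding, re-initialized for every message. */
public final class CbcSession {
    private static final short BLOCK_SIZE = 16; // AES block size in bytes

    private final Cipher cipher;
    private final AESKey sessionKey; // transient key data: cleared on deselect and on reset

    public CbcSession() {
        // Allocate once (for example from the applet constructor), never per APDU.
        cipher = Cipher.getInstance(Cipher.CIPHER_AES_CBC, Cipher.PAD_NOPAD, false);
        sessionKey = (AESKey) KeyBuilder.buildKey(
                KeyBuilder.TYPE_AES_TRANSIENT_DESELECT, KeyBuilder.LENGTH_AES_128, false);
    }

    /** Loads 16 bytes of key material, e.g. the result of a key agreement. */
    public void setSessionKey(byte[] keyData, short offset) {
        sessionKey.setKey(keyData, offset);
    }

    public short encrypt(byte[] iv, short ivOff, byte[] in, short inOff, short inLen,
                         byte[] out, short outOff) {
        return process(Cipher.MODE_ENCRYPT, iv, ivOff, in, inOff, inLen, out, outOff);
    }

    public short decrypt(byte[] iv, short ivOff, byte[] in, short inOff, short inLen,
                         byte[] out, short outOff) {
        return process(Cipher.MODE_DECRYPT, iv, ivOff, in, inOff, inLen, out, outOff);
    }

    private short process(byte mode, byte[] iv, short ivOff, byte[] in, short inOff,
                          short inLen, byte[] out, short outOff) {
        // A clear event wipes the transient key, so the session has to be
        // re-established before any further ciphering.
        if (!sessionKey.isInitialized()) {
            ISOException.throwIt(ISO7816.SW_CONDITIONS_NOT_SATISFIED);
        }
        // PAD_NOPAD accepts whole blocks only; reject other lengths up front
        // instead of waiting for CryptoException.ILLEGAL_USE.
        if (inLen <= 0 || (short) (inLen & (BLOCK_SIZE - 1)) != 0) {
            ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
        }
        try {
            // Explicit IV on every message: never depend on the IV the Cipher
            // object holds after a tear or reset (it is reset to 0 in CBC mode).
            cipher.init(sessionKey, mode, iv, ivOff, BLOCK_SIZE);
            return cipher.doFinal(in, inOff, inLen, out, outOff);
        } catch (CryptoException e) {
            if (e.getReason() == CryptoException.UNINITIALIZED_KEY) {
                ISOException.throwIt(ISO7816.SW_CONDITIONS_NOT_SATISFIED);
            }
            ISOException.throwIt(ISO7816.SW_DATA_INVALID);
            return 0; // not reached: throwIt always throws
        }
    }
}
```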
Nested Class Summary
Nested Classes (modifier and type, class, description):
- static class Cipher.OneShot: The OneShot class is a specialization of the Cipher class intended to support efficient one-shot ciphering and deciphering operations that may avoid persistent memory writes entirely.
-
Field Summary
Fields (modifier and type, field, description):
- static byte ALG_AES_BLOCK_128_CBC_NOPAD: Cipher algorithm ALG_AES_BLOCK_128_CBC_NOPAD provides a cipher using AES with block size 128 in CBC mode and does not pad input data.
- static byte ALG_AES_BLOCK_128_ECB_NOPAD: Cipher algorithm ALG_AES_BLOCK_128_ECB_NOPAD provides a cipher using AES with block size 128 in ECB mode and does not pad input data.
- static byte ALG_AES_BLOCK_192_CBC_NOPAD: Deprecated.
- static byte ALG_AES_BLOCK_192_ECB_NOPAD: Deprecated.
- static byte ALG_AES_BLOCK_256_CBC_NOPAD: Deprecated.
- static byte ALG_AES_BLOCK_256_ECB_NOPAD: Deprecated.
- static byte ALG_AES_CBC_ISO9797_M1: Cipher algorithm ALG_AES_CBC_ISO9797_M1 provides a cipher using AES with block size 128 in CBC mode, and pads input data according to the ISO 9797 method 1 scheme.
- static byte ALG_AES_CBC_ISO9797_M2: Cipher algorithm ALG_AES_CBC_ISO9797_M2 provides a cipher using AES with block size 128 in CBC mode, and pads input data according to the ISO 9797 method 2 (ISO 7816-4, EMV'96) scheme.
- static byte ALG_AES_CBC_PKCS5: Cipher algorithm ALG_AES_CBC_PKCS5 provides a cipher using AES with block size 128 in CBC mode, and pads input data according to the PKCS#5 scheme.
- static byte ALG_AES_CFB: Cipher Algorithm ALG_AES_CFB provides a cipher using AES in Cipher Feedback (CFB) mode.
- static byte ALG_AES_CTR: Cipher algorithm ALG_AES_CTR provides a cipher using AES in counter (CTR) mode.
- static byte ALG_AES_ECB_ISO9797_M1: Cipher algorithm ALG_AES_ECB_ISO9797_M1 provides a cipher using AES with block size 128 in ECB mode, and pads input data according to the ISO 9797 method 1 scheme.
- static byte ALG_AES_ECB_ISO9797_M2: Cipher algorithm ALG_AES_ECB_ISO9797_M2 provides a cipher using AES with block size 128 in ECB mode, and pads input data according to the ISO 9797 method 2 (ISO 7816-4, EMV'96) scheme.
- static byte ALG_AES_ECB_PKCS5: Cipher algorithm ALG_AES_ECB_PKCS5 provides a cipher using AES with block size 128 in ECB mode, and pads input data according to the PKCS#5 scheme.
- static byte ALG_AES_XTS: Cipher Algorithm ALG_AES_XTS provides a cipher using AES in XEX Tweakable Block Cipher with Ciphertext Stealing (XTS) mode as defined in IEEE Std 1619.
- static byte ALG_DES_CBC_ISO9797_M1: Cipher algorithm ALG_DES_CBC_ISO9797_M1 provides a cipher using DES in CBC mode or triple DES in outer CBC mode, and pads input data according to the ISO 9797 method 1 scheme.
- static byte ALG_DES_CBC_ISO9797_M2: Cipher algorithm ALG_DES_CBC_ISO9797_M2 provides a cipher using DES in CBC mode or triple DES in outer CBC mode, and pads input data according to the ISO 9797 method 2 (ISO 7816-4, EMV'96) scheme.
- static byte ALG_DES_CBC_NOPAD: Cipher algorithm ALG_DES_CBC_NOPAD provides a cipher using DES in CBC mode or triple DES in outer CBC mode, and does not pad input data.
- static byte ALG_DES_CBC_PKCS5: Cipher algorithm ALG_DES_CBC_PKCS5 provides a cipher using DES in CBC mode or triple DES in outer CBC mode, and pads input data according to the PKCS#5 scheme.
- static byte ALG_DES_ECB_ISO9797_M1: Cipher algorithm ALG_DES_ECB_ISO9797_M1 provides a cipher using DES in ECB mode, and pads input data according to the ISO 9797 method 1 scheme.
- static byte ALG_DES_ECB_ISO9797_M2: Cipher algorithm ALG_DES_ECB_ISO9797_M2 provides a cipher using DES in ECB mode, and pads input data according to the ISO 9797 method 2 (ISO 7816-4, EMV'96) scheme.
- static byte ALG_DES_ECB_NOPAD: Cipher algorithm ALG_DES_ECB_NOPAD provides a cipher using DES in ECB mode, and does not pad input data.
- static byte ALG_DES_ECB_PKCS5: Cipher algorithm ALG_DES_ECB_PKCS5 provides a cipher using DES in ECB mode, and pads input data according to the PKCS#5 scheme.
- static byte ALG_KOREAN_SEED_CBC_NOPAD: Cipher algorithm ALG_KOREAN_SEED_CBC_NOPAD provides a cipher using the Korean SEED algorithm specified in the Korean SEED Algorithm specification provided by KISA, Korea Information Security Agency in CBC mode and does not pad input data.
- static byte ALG_KOREAN_SEED_ECB_NOPAD: Cipher algorithm ALG_KOREAN_SEED_ECB_NOPAD provides a cipher using the Korean SEED algorithm specified in the Korean SEED Algorithm specification provided by KISA, Korea Information Security Agency in ECB mode and does not pad input data.
- static byte ALG_RSA_ISO14888: Deprecated.
- static byte ALG_RSA_ISO9796: Deprecated.
- static byte ALG_RSA_NOPAD: Cipher algorithm ALG_RSA_NOPAD provides a cipher using RSA and does not pad input data.
- static byte ALG_RSA_PKCS1: Cipher algorithm ALG_RSA_PKCS1 provides a cipher using RSA, and pads input data according to the PKCS#1 (v1.5) scheme.
- static byte ALG_RSA_PKCS1_OAEP: Cipher algorithm ALG_RSA_PKCS1_OAEP provides a cipher using RSA, and pads input data according to the PKCS#1-OAEP scheme (IEEE 1363-2000).
- static byte CIPHER_AES_CBC: Cipher algorithm CIPHER_AES_CBC choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method.
- static byte CIPHER_AES_CFB: The CIPHER_AES_CFB constant represents a cipher using AES in Cipher Feedback (CFB) mode.
- static byte CIPHER_AES_CTR: The CIPHER_AES_CTR constant represents a cipher using AES in counter (CTR) mode.
- static byte CIPHER_AES_ECB: Cipher algorithm CIPHER_AES_ECB choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method.
- static byte CIPHER_AES_XTS: The CIPHER_AES_XTS constant represents a cipher using AES in XEX Tweakable Block Cipher with Ciphertext Stealing (XTS) mode as defined in IEEE Std 1619.
- static byte CIPHER_DES_CBC: Cipher algorithm CIPHER_DES_CBC choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method.
- static byte CIPHER_DES_ECB: Cipher algorithm CIPHER_DES_ECB choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method.
- static byte CIPHER_KOREAN_SEED_CBC: Cipher algorithm CIPHER_KOREAN_SEED_CBC choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method.
- static byte CIPHER_KOREAN_SEED_ECB: Cipher algorithm CIPHER_KOREAN_SEED_ECB choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method.
- static byte CIPHER_RSA: Cipher algorithm CIPHER_RSA choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method.
- static byte CIPHER_SM2: The CIPHER_SM2 constant represents a cipher using SM2 encryption as defined in GM/T 0003.4-2012 (Public Key Cryptographic Algorithm SM2 Based on Elliptic Curves Part 4: Public Key Encryption Algorithm).
- static byte CIPHER_SM4_CBC: The CIPHER_SM4_CBC constant represents a cipher using SM4 block cipher algorithm in CBC mode with 128-bit input blocks.
- static byte CIPHER_SM4_ECB: The CIPHER_SM4_ECB constant represents a cipher using SM4 block cipher algorithm in CBC mode with 128-bit input blocks.
- static byte MODE_DECRYPT: Used in init() methods to indicate decryption mode.
- static byte MODE_ENCRYPT: Used in init() methods to indicate encryption mode.
- static byte PAD_ISO9796: Padding algorithm PAD_ISO9796 choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method.
- static byte PAD_ISO9796_MR: Padding algorithm PAD_ISO9796_MR choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method.
- static byte PAD_ISO9796_MR_SCHEME_2: Padding algorithm PAD_ISO9796_MR_SCHEME_2 choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method.
- static byte PAD_ISO9796_MR_SCHEME_3: Padding algorithm PAD_ISO9796_MR_SCHEME_3 choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method.
- static byte PAD_ISO9797_1_M1_ALG3: Padding algorithm PAD_ISO9797_1_M1_ALG3 choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method.
- static byte PAD_ISO9797_1_M2_ALG3: Padding algorithm PAD_ISO9797_1_M2_ALG3 choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method.
- static byte PAD_ISO9797_M1: Padding algorithm PAD_ISO9797_M1 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method.
- static byte PAD_ISO9797_M2: Padding algorithm PAD_ISO9797_M2 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method.
- static byte PAD_NOPAD: Padding algorithm PAD_NOPAD choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method.
- static byte PAD_NULL: This constant indicates that there is no discrete padding algorithm.
- static byte PAD_PKCS1: Padding algorithm PAD_PKCS1 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method.
- static byte PAD_PKCS1_OAEP: Padding algorithm PAD_PKCS1_OAEP choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method.
- static byte PAD_PKCS1_OAEP_SHA224: Padding algorithm PAD_PKCS1_OAEP_SHA224 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method.
- static byte PAD_PKCS1_OAEP_SHA256: Padding algorithm PAD_PKCS1_OAEP_SHA256 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method.
- static byte PAD_PKCS1_OAEP_SHA3_224: Padding algorithm PAD_PKCS1_OAEP_SHA3_224 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method.
- static byte PAD_PKCS1_OAEP_SHA3_256: Padding algorithm PAD_PKCS1_OAEP_SHA3_256 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method.
- static byte PAD_PKCS1_OAEP_SHA3_384: Padding algorithm PAD_PKCS1_OAEP_SHA3_384 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method.
- static byte PAD_PKCS1_OAEP_SHA3_512: Padding algorithm PAD_PKCS1_OAEP_SHA3_512 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method.
- static byte PAD_PKCS1_OAEP_SHA384: Padding algorithm PAD_PKCS1_OAEP_SHA384 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method.
- static byte PAD_PKCS1_OAEP_SHA512: Padding algorithm PAD_PKCS1_OAEP_SHA512 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method.
- static byte PAD_PKCS1_PSS: Padding algorithm PAD_PKCS1 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method.
- static byte PAD_PKCS5: Padding algorithm PAD_PKCS5 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method.
- static byte PAD_RFC2409: Padding algorithm PAD_RFC2409 choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method.
-
Constructor Summary
Constructors (modifier, constructor, description):
- protected Cipher(): Protected constructor.
-
Method Summary
Methods (modifier and type, method, description):
- abstract short doFinal(byte[] inBuff, short inOffset, short inLength, byte[] outBuff, short outOffset): Generates encrypted/decrypted output from all/last input data.
- abstract byte getAlgorithm(): Gets the Cipher algorithm.
- abstract byte getCipherAlgorithm(): Gets the raw cipher algorithm.
- static Cipher getInstance(byte algorithm, boolean externalAccess): Creates a Cipher object instance of the selected algorithm.
- static Cipher getInstance(byte cipherAlgorithm, byte paddingAlgorithm, boolean externalAccess): Creates a Cipher object instance of the selected raw cipher algorithm and padding algorithm.
- abstract byte getPaddingAlgorithm(): Gets the padding algorithm.
- abstract void init(Key theKey, byte theMode): Initializes the Cipher object with the appropriate Key.
- abstract void init(Key theKey, byte theMode, byte[] bArray, short bOff, short bLen): Initializes the Cipher object with the appropriate Key and algorithm specific parameters.
- abstract short update(byte[] inBuff, short inOffset, short inLength, byte[] outBuff, short outOffset): Generates encrypted/decrypted output from input data.
-
-
-
Field Detail
-
ALG_DES_CBC_NOPAD
public static final byte ALG_DES_CBC_NOPAD
Cipher algorithm ALG_DES_CBC_NOPAD provides a cipher using DES in CBC mode or triple DES in outer CBC mode, and does not pad input data. If the input data is not (8-byte) block aligned it throws CryptoException with the reason code ILLEGAL_USE.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_DES_CBC, PAD_NOPAD constants respectively.
- See Also: Constant Field Values
-
ALG_DES_CBC_ISO9797_M1
public static final byte ALG_DES_CBC_ISO9797_M1
Cipher algorithm ALG_DES_CBC_ISO9797_M1 provides a cipher using DES in CBC mode or triple DES in outer CBC mode, and pads input data according to the ISO 9797 method 1 scheme.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_DES_CBC, PAD_ISO9797_M1 constants respectively.
- See Also: Constant Field Values
-
ALG_DES_CBC_ISO9797_M2
public static final byte ALG_DES_CBC_ISO9797_M2
Cipher algorithm ALG_DES_CBC_ISO9797_M2 provides a cipher using DES in CBC mode or triple DES in outer CBC mode, and pads input data according to the ISO 9797 method 2 (ISO 7816-4, EMV'96) scheme.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_DES_CBC, PAD_ISO9797_M2 constants respectively.
- See Also: Constant Field Values
-
ALG_DES_CBC_PKCS5
public static final byte ALG_DES_CBC_PKCS5
Cipher algorithm ALG_DES_CBC_PKCS5 provides a cipher using DES in CBC mode or triple DES in outer CBC mode, and pads input data according to the PKCS#5 scheme.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_DES_CBC, PAD_PKCS5 constants respectively.
- See Also: Constant Field Values
-
ALG_DES_ECB_NOPAD
public static final byte ALG_DES_ECB_NOPAD
Cipher algorithm ALG_DES_ECB_NOPAD provides a cipher using DES in ECB mode, and does not pad input data. If the input data is not (8-byte) block aligned it throws CryptoException with the reason code ILLEGAL_USE.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_DES_ECB, PAD_NOPAD constants respectively.
- See Also: Constant Field Values
-
ALG_DES_ECB_ISO9797_M1
public static final byte ALG_DES_ECB_ISO9797_M1
Cipher algorithm ALG_DES_ECB_ISO9797_M1 provides a cipher using DES in ECB mode, and pads input data according to the ISO 9797 method 1 scheme.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_DES_ECB, PAD_ISO9797_M1 constants respectively.
- See Also: Constant Field Values
-
ALG_DES_ECB_ISO9797_M2
public static final byte ALG_DES_ECB_ISO9797_M2
Cipher algorithm ALG_DES_ECB_ISO9797_M2 provides a cipher using DES in ECB mode, and pads input data according to the ISO 9797 method 2 (ISO 7816-4, EMV'96) scheme.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_DES_ECB, PAD_ISO9797_M2 constants respectively.
- See Also: Constant Field Values
-
ALG_DES_ECB_PKCS5
public static final byte ALG_DES_ECB_PKCS5
Cipher algorithm ALG_DES_ECB_PKCS5 provides a cipher using DES in ECB mode, and pads input data according to the PKCS#5 scheme.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_DES_ECB, PAD_PKCS5 constants respectively.
- See Also: Constant Field Values
-
ALG_RSA_ISO14888
@Deprecated public static final byte ALG_RSA_ISO14888
Deprecated. This Cipher algorithm ALG_RSA_ISO14888 should not be used. The ISO 14888 algorithms are intended for signatures.
- See Also: Constant Field Values
-
ALG_RSA_PKCS1
public static final byte ALG_RSA_PKCS1
Cipher algorithm ALG_RSA_PKCS1 provides a cipher using RSA, and pads input data according to the PKCS#1 (v1.5) scheme.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_RSA, PAD_PKCS1 constants respectively.
Note:
- This algorithm is only suitable for messages of limited length. The total number of input bytes processed during encryption may not be more than k-11, where k is the RSA key's modulus size in bytes.
- The encryption block (EB) during encryption with a Public key is built as follows:
  EB = 00 || 02 || PS || 00 || M
  :: M (input bytes) is the plaintext message
  :: PS is an octet string of length k-3-||M|| of pseudo random nonzero octets. The length of PS must be at least 8 octets.
  :: k is the RSA modulus size.
- The encryption block (EB) during encryption with a Private key (used to compute signatures when the message digest is computed off-card) is built as follows:
  EB = 00 || 01 || PS || 00 || D
  :: D (input bytes) is the DER encoding of the hash computed elsewhere with an algorithm ID prepended if appropriate
  :: PS is an octet string of length k-3-||D|| with value FF. The length of PS must be at least 8 octets.
  :: k is the RSA modulus size.
- See Also: Constant Field Values
-
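An added worked example (plain Java SE rather than Java Card, and not part of the API documentation) that builds both encryption blocks described in the ALG_RSA_PKCS1 note and enforces the k-11 input limit. The class and method names are hypothetical, and the 128-byte modulus size and the payloads are constructed sample values.

```java
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;

/** Added illustration of the PKCS#1 v1.5 encryption block (EB) layout. */
public final class Pkcs1V15Block {
    static final int BT_PRIVATE_KEY = 0x01; // PS is filled with FF
    static final int BT_PUBLIC_KEY = 0x02;  // PS is pseudo random nonzero octets
    private static final int MIN_PS_LEN = 8;

    /** Returns EB = 00 || blockType || PS || 00 || payload, exactly k bytes long. */
    static byte[] build(int k, int blockType, byte[] payload, SecureRandom rng) {
        if (blockType != BT_PRIVATE_KEY && blockType != BT_PUBLIC_KEY) {
            throw new IllegalArgumentException("unsupported block type");
        }
        int psLen = k - 3 - payload.length;
        if (psLen < MIN_PS_LEN) { // same condition as payload.length > k - 11
            throw new IllegalArgumentException(
                    "input is " + payload.length + " bytes, limit is " + (k - 11));
        }
        byte[] eb = new byte[k]; // eb[0] is already 00
        eb[1] = (byte) blockType;
        if (blockType == BT_PRIVATE_KEY) {
            Arrays.fill(eb, 2, 2 + psLen, (byte) 0xFF);
        } else {
            fillNonZero(eb, 2, psLen, rng);
        }
        // eb[2 + psLen] stays 00 and separates PS from the payload.
        System.arraycopy(payload, 0, eb, 3 + psLen, payload.length);
        return eb;
    }

    /** Fills buf[off .. off+len) with random octets, discarding zero bytes. */
    private static void fillNonZero(byte[] buf, int off, int len, SecureRandom rng) {
        byte[] pool = new byte[len];
        int filled = 0;
        while (filled < len) {
            rng.nextBytes(pool);
            for (int i = 0; i < pool.length && filled < len; i++) {
                if (pool[i] != 0) {
                    buf[off + filled++] = pool[i];
                }
            }
        }
    }

    static String hex(byte[] data) {
        StringBuilder sb = new StringBuilder(data.length * 2);
        for (byte b : data) {
            sb.append(String.format("%02X", b & 0xFF));
        }
        return sb.toString();
    }

    public static void main(String[] args) {
        int k = 128; // constructed sample: modulus size in bytes
        SecureRandom rng = new SecureRandom();
        byte[] m = "constructed sample message".getBytes(StandardCharsets.US_ASCII);
        byte[] d = new byte[35]; // placeholder bytes standing in for D

        System.out.println("public key EB:  " + hex(build(k, BT_PUBLIC_KEY, m, rng)));
        System.out.println("private key EB: " + hex(build(k, BT_PRIVATE_KEY, d, rng)));
        try {
            build(k, BT_PUBLIC_KEY, new byte[k - 10], rng); // one byte over the limit
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```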
ALG_RSA_ISO9796
@Deprecated public static final byte ALG_RSA_ISO9796
Deprecated. This Cipher algorithm ALG_RSA_ISO9796 should not be used. The ISO 9796-1 algorithm was withdrawn by ISO in July 2000.
- See Also: Constant Field Values
-
ALG_RSA_NOPAD
public static final byte ALG_RSA_NOPAD
Cipher algorithm ALG_RSA_NOPAD provides a cipher using RSA and does not pad input data. If the input data is bounded by incorrect padding bytes while using RSAPrivateCrtKey, incorrect output may result. If the input data is not block aligned or greater than or equal to the modulus, it throws CryptoException with the reason code ILLEGAL_USE.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_RSA, PAD_NOPAD constants respectively.
- See Also: Constant Field Values
-
ALG_AES_BLOCK_128_CBC_NOPAD
public static final byte ALG_AES_BLOCK_128_CBC_NOPAD
Cipher algorithm ALG_AES_BLOCK_128_CBC_NOPAD provides a cipher using AES with block size 128 in CBC mode and does not pad input data. If the input data is not block aligned it throws CryptoException with the reason code ILLEGAL_USE.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_AES_CBC, PAD_NOPAD constants respectively.
- See Also: Constant Field Values
-
ALG_AES_BLOCK_128_ECB_NOPAD
public static final byte ALG_AES_BLOCK_128_ECB_NOPAD
Cipher algorithm ALG_AES_BLOCK_128_ECB_NOPAD provides a cipher using AES with block size 128 in ECB mode and does not pad input data. If the input data is not block aligned it throws CryptoException with the reason code ILLEGAL_USE.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_AES_ECB, PAD_NOPAD constants respectively.
- See Also: Constant Field Values
-
ALG_RSA_PKCS1_OAEP
public static final byte ALG_RSA_PKCS1_OAEP
Cipher algorithm ALG_RSA_PKCS1_OAEP provides a cipher using RSA, and pads input data according to the PKCS#1-OAEP scheme (IEEE 1363-2000).
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_RSA, PAD_PKCS1_OAEP constants respectively.
- See Also: Constant Field Values
-
ALG_KOREAN_SEED_ECB_NOPAD
public static final byte ALG_KOREAN_SEED_ECB_NOPAD
Cipher algorithm ALG_KOREAN_SEED_ECB_NOPAD provides a cipher using the Korean SEED algorithm specified in the Korean SEED Algorithm specification provided by KISA, Korea Information Security Agency in ECB mode and does not pad input data. If the input data is not block aligned it throws CryptoException with the reason code ILLEGAL_USE.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_KOREAN_SEED_ECB, PAD_NOPAD constants respectively.
- See Also: Constant Field Values
-
ALG_KOREAN_SEED_CBC_NOPAD
public static final byte ALG_KOREAN_SEED_CBC_NOPAD
Cipher algorithm ALG_KOREAN_SEED_CBC_NOPAD provides a cipher using the Korean SEED algorithm specified in the Korean SEED Algorithm specification provided by KISA, Korea Information Security Agency in CBC mode and does not pad input data. If the input data is not block aligned it throws CryptoException with the reason code ILLEGAL_USE.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_KOREAN_SEED_CBC, PAD_NOPAD constants respectively.
- See Also: Constant Field Values
-
ALG_AES_BLOCK_192_CBC_NOPAD
@Deprecated public static final byte ALG_AES_BLOCK_192_CBC_NOPAD
Deprecated. This Cipher algorithm ALG_AES_BLOCK_192_CBC_NOPAD should not be used. AES algorithms as defined by NIST in the FIPS PUB 197 standard only support a block size of 128 bits.
- See Also: Constant Field Values
-
ALG_AES_BLOCK_192_ECB_NOPAD
@Deprecated public static final byte ALG_AES_BLOCK_192_ECB_NOPAD
Deprecated. This Cipher algorithm ALG_AES_BLOCK_192_ECB_NOPAD should not be used. AES algorithms as defined by NIST in the FIPS PUB 197 standard only support a block size of 128 bits.
- See Also: Constant Field Values
-
ALG_AES_BLOCK_256_CBC_NOPAD
@Deprecated public static final byte ALG_AES_BLOCK_256_CBC_NOPAD
Deprecated. This Cipher algorithm ALG_AES_BLOCK_256_CBC_NOPAD should not be used. AES algorithms as defined by NIST in the FIPS PUB 197 standard only support a block size of 128 bits.
- See Also: Constant Field Values
-
ALG_AES_BLOCK_256_ECB_NOPAD
@Deprecated public static final byte ALG_AES_BLOCK_256_ECB_NOPAD
Deprecated. This Cipher algorithm ALG_AES_BLOCK_256_ECB_NOPAD should not be used. AES algorithms as defined by NIST in the FIPS PUB 197 standard only support a block size of 128 bits.
- See Also: Constant Field Values
-
ALG_AES_CBC_ISO9797_M1
public static final byte ALG_AES_CBC_ISO9797_M1
Cipher algorithm ALG_AES_CBC_ISO9797_M1 provides a cipher using AES with block size 128 in CBC mode, and pads input data according to the ISO 9797 method 1 scheme.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_AES_CBC, PAD_ISO9797_M1 constants respectively.
- See Also: Constant Field Values
-
ALG_AES_CBC_ISO9797_M2
public static final byte ALG_AES_CBC_ISO9797_M2
Cipher algorithm ALG_AES_CBC_ISO9797_M2 provides a cipher using AES with block size 128 in CBC mode, and pads input data according to the ISO 9797 method 2 (ISO 7816-4, EMV'96) scheme.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_AES_CBC, PAD_ISO9797_M2 constants respectively.
- See Also: Constant Field Values
-
ALG_AES_CBC_PKCS5
public static final byte ALG_AES_CBC_PKCS5
Cipher algorithm ALG_AES_CBC_PKCS5 provides a cipher using AES with block size 128 in CBC mode, and pads input data according to the PKCS#5 scheme.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_AES_CBC, PAD_PKCS5 constants respectively.
- See Also: Constant Field Values
-
ALG_AES_ECB_ISO9797_M1
public static final byte ALG_AES_ECB_ISO9797_M1
Cipher algorithm ALG_AES_ECB_ISO9797_M1 provides a cipher using AES with block size 128 in ECB mode, and pads input data according to the ISO 9797 method 1 scheme.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_AES_ECB, PAD_ISO9797_M1 constants respectively.
- See Also: Constant Field Values
-
ALG_AES_ECB_ISO9797_M2
public static final byte ALG_AES_ECB_ISO9797_M2
Cipher algorithm ALG_AES_ECB_ISO9797_M2 provides a cipher using AES with block size 128 in ECB mode, and pads input data according to the ISO 9797 method 2 (ISO 7816-4, EMV'96) scheme.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_AES_ECB, PAD_ISO9797_M2 constants respectively.
- See Also: Constant Field Values
-
ALG_AES_ECB_PKCS5
public static final byte ALG_AES_ECB_PKCS5
Cipher algorithm ALG_AES_ECB_PKCS5 provides a cipher using AES with block size 128 in ECB mode, and pads input data according to the PKCS#5 scheme.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_AES_ECB, PAD_PKCS5 constants respectively.
- See Also: Constant Field Values
-
CIPHER_AES_CBC
public static final byte CIPHER_AES_CBC
Cipher algorithm CIPHER_AES_CBC choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method. The cipher algorithm provides a cipher using AES with block size 128 in CBC mode.
- See Also: Constant Field Values
-
CIPHER_AES_ECB
public static final byte CIPHER_AES_ECB
Cipher algorithm CIPHER_AES_ECB choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method. The cipher algorithm provides a cipher using AES with block size 128 in ECB mode.
- See Also: Constant Field Values
-
CIPHER_DES_CBC
public static final byte CIPHER_DES_CBC
Cipher algorithm CIPHER_DES_CBC choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method. The cipher algorithm provides a cipher using DES in CBC mode.
- See Also: Constant Field Values
-
CIPHER_DES_ECB
public static final byte CIPHER_DES_ECB
Cipher algorithm CIPHER_DES_ECB choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method. The cipher algorithm provides a cipher using DES in ECB mode.
- See Also: Constant Field Values
-
CIPHER_KOREAN_SEED_CBC
public static final byte CIPHER_KOREAN_SEED_CBC
Cipher algorithm CIPHER_KOREAN_SEED_CBC choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method. The cipher algorithm provides a cipher using KOREAN_SEED in CBC mode.
- See Also: Constant Field Values
-
CIPHER_KOREAN_SEED_ECB
public static final byte CIPHER_KOREAN_SEED_ECB
Cipher algorithm CIPHER_KOREAN_SEED_ECB choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method. The cipher algorithm provides a cipher using KOREAN_SEED in ECB mode.
- See Also: Constant Field Values
-
CIPHER_RSA
public static final byte CIPHER_RSA
Cipher algorithm CIPHER_RSA choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method. The cipher algorithm provides a cipher using RSA.
- See Also: Constant Field Values
-
CIPHER_AES_CTR
public static final byte CIPHER_AES_CTR
The CIPHER_AES_CTR constant represents a cipher using AES in counter (CTR) mode.
It is used for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method and can only be associated with the PAD_NULL padding.
- Since: 3.1
- See Also: Constant Field Values
-
CIPHER_AES_CFB
public static final byte CIPHER_AES_CFB
The CIPHER_AES_CFB constant represents a cipher using AES in Cipher Feedback (CFB) mode.
It is used for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method and can only be associated with the PAD_NULL padding.
- Since: 3.1
- See Also: Constant Field Values
-
CIPHER_AES_XTS
public static final byte CIPHER_AES_XTS
The CIPHER_AES_XTS constant represents a cipher using AES in XEX Tweakable Block Cipher with Ciphertext Stealing (XTS) mode as defined in IEEE Std 1619.
It is used for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method and can only be associated with the PAD_NULL padding.
Note:
- The AES-XTS is parsing the provided key as a concatenation of two fields of equal size Key1 and Key2 such that Key = Key1 | Key2.
  - KeyBuilder.LENGTH_AES_256 should be used to have Key1 and Key2 each with 128-bit length
  - KeyBuilder.LENGTH_AES_512 should be used to have Key1 and Key2 each with 256-bit length
- Since: 3.1
- See Also: Constant Field Values
-
CIPHER_SM4_ECB
public static final byte CIPHER_SM4_ECB
The CIPHER_SM4_ECB constant represents a cipher using SM4 block cipher algorithm in CBC mode with 128-bit input blocks.
It is used for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method.
- Since: 3.1
- See Also: Constant Field Values
-
CIPHER_SM4_CBC
public static final byte CIPHER_SM4_CBC
The CIPHER_SM4_CBC constant represents a cipher using SM4 block cipher algorithm in CBC mode with 128-bit input blocks.
It is used for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method.
- Since: 3.1
- See Also: Constant Field Values
-
CIPHER_SM2
public static final byte CIPHER_SM2
The CIPHER_SM2 constant represents a cipher using SM2 encryption as defined in GM/T 0003.4-2012 (Public Key Cryptographic Algorithm SM2 Based on Elliptic Curves Part 4: Public Key Encryption Algorithm).
It is used for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method and can only be associated with the PAD_NULL padding.
This constant does not allow for update(byte[], short, short, byte[], short) operations. A CryptoException must be thrown with the value CryptoException.ILLEGAL_USE if the method is invoked.
- Since: 3.1
- See Also: Constant Field Values
-
PAD_NULL
public static final byte PAD_NULL
This constant indicates that there is no discrete padding algorithm. It is intended for use in theSignature.getInstance(byte, byte, byte, boolean)
method andCipher.getInstance(byte, byte, boolean)
method.- See Also:
- Constant Field Values
-
PAD_NOPAD
public static final byte PAD_NOPAD
Padding algorithmPAD_NOPAD
choice for the paddingAlgorithm parameter of thegetInstance(byte, byte, boolean)
method and theSignature.getInstance(byte, byte, byte, boolean)
method. This padding algorithm choice requires that the data length is a multiple of the cipher algorithm block size. Otherwise, a CryptoException is thrown.- See Also:
- Constant Field Values
-
PAD_ISO9797_M1
public static final byte PAD_ISO9797_M1
Padding algorithm PAD_ISO9797_M1 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the ISO 9797 method 1 scheme.
- See Also:
- Constant Field Values
-
PAD_ISO9797_M2
public static final byte PAD_ISO9797_M2
Padding algorithm PAD_ISO9797_M2 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the ISO 9797 method 2 scheme.
- See Also:
- Constant Field Values
-
PAD_ISO9797_1_M1_ALG3
public static final byte PAD_ISO9797_1_M1_ALG3
Padding algorithm PAD_ISO9797_1_M1_ALG3 choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the ISO9797-1 MAC algorithm 3 with method 1.
- See Also:
- Constant Field Values
-
PAD_ISO9797_1_M2_ALG3
public static final byte PAD_ISO9797_1_M2_ALG3
Padding algorithm PAD_ISO9797_1_M2_ALG3 choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the ISO9797-1 MAC algorithm 3 with method 2 (also EMV'96, EMV'2000).
- See Also:
- Constant Field Values
-
PAD_PKCS5
public static final byte PAD_PKCS5
Padding algorithm PAD_PKCS5 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the PKCS #5 scheme.
- See Also:
- Constant Field Values
-
PAD_PKCS1
public static final byte PAD_PKCS1
Padding algorithm PAD_PKCS1 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the PKCS#1 v1.5 scheme.
- See Also:
- Constant Field Values
-
PAD_PKCS1_PSS
public static final byte PAD_PKCS1_PSS
Padding algorithm PAD_PKCS1_PSS choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the PKCS#1-PSS scheme (IEEE 1363-2000).
- See Also:
- Constant Field Values
-
PAD_PKCS1_OAEP
public static final byte PAD_PKCS1_OAEP
Padding algorithm PAD_PKCS1_OAEP choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the PKCS#1-OAEP scheme (IEEE 1363-2000).
- See Also:
- Constant Field Values
-
PAD_PKCS1_OAEP_SHA224
public static final byte PAD_PKCS1_OAEP_SHA224
Padding algorithm PAD_PKCS1_OAEP_SHA224 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the PKCS#1-OAEP scheme (IEEE 1363-2000) with SHA224 as hash function.
- See Also:
- Constant Field Values
-
PAD_PKCS1_OAEP_SHA256
public static final byte PAD_PKCS1_OAEP_SHA256
Padding algorithm PAD_PKCS1_OAEP_SHA256 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the PKCS#1-OAEP scheme (IEEE 1363-2000) with SHA256 as hash function.
- See Also:
- Constant Field Values
-
PAD_PKCS1_OAEP_SHA384
public static final byte PAD_PKCS1_OAEP_SHA384
Padding algorithm PAD_PKCS1_OAEP_SHA384 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the PKCS#1-OAEP scheme (IEEE 1363-2000) with SHA384 as hash function.
- See Also:
- Constant Field Values
-
PAD_PKCS1_OAEP_SHA512
public static final byte PAD_PKCS1_OAEP_SHA512
Padding algorithm PAD_PKCS1_OAEP_SHA512 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the PKCS#1-OAEP scheme (IEEE 1363-2000) with SHA512 as hash function.
- See Also:
- Constant Field Values
-
PAD_PKCS1_OAEP_SHA3_224
public static final byte PAD_PKCS1_OAEP_SHA3_224
Padding algorithm PAD_PKCS1_OAEP_SHA3_224 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the PKCS#1-OAEP scheme (IEEE 1363-2000) with SHA3-224 as hash function.
- See Also:
- Constant Field Values
-
PAD_PKCS1_OAEP_SHA3_256
public static final byte PAD_PKCS1_OAEP_SHA3_256
Padding algorithm PAD_PKCS1_OAEP_SHA3_256 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the PKCS#1-OAEP scheme (IEEE 1363-2000) with SHA3-256 as hash function.
- See Also:
- Constant Field Values
-
PAD_PKCS1_OAEP_SHA3_384
public static final byte PAD_PKCS1_OAEP_SHA3_384
Padding algorithm PAD_PKCS1_OAEP_SHA3_384 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the PKCS#1-OAEP scheme (IEEE 1363-2000) with SHA3-384 as hash function.
- See Also:
- Constant Field Values
-
PAD_PKCS1_OAEP_SHA3_512
public static final byte PAD_PKCS1_OAEP_SHA3_512
Padding algorithm PAD_PKCS1_OAEP_SHA3_512 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the PKCS#1-OAEP scheme (IEEE 1363-2000) with SHA3-512 as hash function.
- See Also:
- Constant Field Values
-
PAD_ISO9796
public static final byte PAD_ISO9796
Padding algorithm PAD_ISO9796 choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the ISO 9796-2 scheme as specified in EMV '96 and EMV 2000.
- See Also:
- Constant Field Values
-
PAD_ISO9796_MR
public static final byte PAD_ISO9796_MR
Padding algorithm PAD_ISO9796_MR choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the ISO/IEC 9796-2 specification with message recovery (scheme 1) (also EMV 3.0, EMV 4.0).
- See Also:
- Constant Field Values
-
PAD_RFC2409
public static final byte PAD_RFC2409
Padding algorithm PAD_RFC2409 choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the RFC 2409 scheme.
- See Also:
- Constant Field Values
-
PAD_ISO9796_MR_SCHEME_2
public static final byte PAD_ISO9796_MR_SCHEME_2
Padding algorithm PAD_ISO9796_MR_SCHEME_2 choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the ISO/IEC 9796-2 specification with message recovery (scheme 2).
- Since:
- 3.1
- See Also:
- Constant Field Values
-
PAD_ISO9796_MR_SCHEME_3
public static final byte PAD_ISO9796_MR_SCHEME_3
Padding algorithm PAD_ISO9796_MR_SCHEME_3 choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the ISO/IEC 9796-2 specification with message recovery (scheme 3).
- Since:
- 3.1
- See Also:
- Constant Field Values
-
MODE_DECRYPT
public static final byte MODE_DECRYPT
Used in init() methods to indicate decryption mode.
- See Also:
- Constant Field Values
-
MODE_ENCRYPT
public static final byte MODE_ENCRYPT
Used in init() methods to indicate encryption mode.
- See Also:
- Constant Field Values
-
ALG_AES_CTR
public static final byte ALG_AES_CTR
Cipher algorithm ALG_AES_CTR provides a cipher using AES in counter (CTR) mode.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_AES_CTR, PAD_NULL constants respectively.
- Since:
- 3.0.5
- See Also:
- Constant Field Values
-
ALG_AES_CFB
public static final byte ALG_AES_CFB
Cipher algorithm ALG_AES_CFB provides a cipher using AES in Cipher Feedback (CFB) mode.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_AES_CFB, PAD_NULL constants respectively.
- Since:
- 3.1
- See Also:
- Constant Field Values
-
ALG_AES_XTS
public static final byte ALG_AES_XTS
Cipher algorithm ALG_AES_XTS provides a cipher using AES in XEX Tweakable Block Cipher with Ciphertext Stealing (XTS) mode as defined in IEEE Std 1619.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_AES_XTS, PAD_NULL constants respectively.
Note:
- AES-XTS parses the provided key as a concatenation of two fields of equal size, Key1 and Key2, such that Key = Key1 | Key2.
  - KeyBuilder.LENGTH_AES_256 should be used to have Key1 and Key2 each with 128-bit length.
  - KeyBuilder.LENGTH_AES_512 should be used to have Key1 and Key2 each with 256-bit length.
- Since:
- 3.1
- See Also:
- Constant Field Values
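The Key1 | Key2 layout and the 128-bit tweak, shown as an added example that is not part of the API documentation. The class name XtsSectorCipher and the rejection of identical key halves (a check FIPS 140 validation requires of XTS-AES implementations) are assumptions of this example.

```java
import javacard.framework.Util;
import javacard.security.AESKey;
import javacard.security.CryptoException;
import javacard.security.KeyBuilder;
import javacardx.crypto.Cipher;

/** Added example: hypothetical helper, not part of the Java Card API. */
public class XtsSectorCipher {
    private static final short HALF = 16;  // Key1 and Key2 are 128 bits each
    private static final short TWEAK = 16; // 128-bit tweak passed to init()

    private final Cipher xts;
    private final AESKey key;

    /** keyBuf[keyOff .. keyOff+31] holds Key1 | Key2. */
    public XtsSectorCipher(byte[] keyBuf, short keyOff) {
        // Policy of this example: refuse a key whose two halves are equal.
        if (Util.arrayCompare(keyBuf, keyOff, keyBuf, (short) (keyOff + HALF), HALF) == 0) {
            CryptoException.throwIt(CryptoException.ILLEGAL_VALUE);
        }
        // LENGTH_AES_256 gives Key1 and Key2 of 128 bits each.
        key = (AESKey) KeyBuilder.buildKey(KeyBuilder.TYPE_AES, KeyBuilder.LENGTH_AES_256, false);
        key.setKey(keyBuf, keyOff);
        // XTS has no discrete padding step, so PAD_NULL is requested.
        xts = Cipher.getInstance(Cipher.CIPHER_AES_XTS, Cipher.PAD_NULL, false);
    }

    /** Encrypts one data unit under the 16-byte tweak at tweak[tweakOff]. */
    public short encrypt(byte[] tweak, short tweakOff,
                         byte[] in, short inOff, short inLen,
                         byte[] out, short outOff) {
        return run(Cipher.MODE_ENCRYPT, tweak, tweakOff, in, inOff, inLen, out, outOff);
    }

    /** Decrypts one data unit under the same tweak that was used to encrypt it. */
    public short decrypt(byte[] tweak, short tweakOff,
                         byte[] in, short inOff, short inLen,
                         byte[] out, short outOff) {
        return run(Cipher.MODE_DECRYPT, tweak, tweakOff, in, inOff, inLen, out, outOff);
    }

    private short run(byte mode, byte[] tweak, short tweakOff,
                      byte[] in, short inOff, short inLen,
                      byte[] out, short outOff) {
        // Ciphertext stealing needs at least one full AES block of input.
        if (inLen < HALF) {
            CryptoException.throwIt(CryptoException.ILLEGAL_VALUE);
        }
        // The tweak is supplied through the bArray parameters of init().
        xts.init(key, mode, tweak, tweakOff, TWEAK);
        return xts.doFinal(in, inOff, inLen, out, outOff);
    }
}
```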
-
-
Method Detail
-
getInstance
public static final Cipher getInstance(byte algorithm, boolean externalAccess) throws CryptoException
Creates a Cipher object instance of the selected algorithm.
- Parameters:
algorithm - the desired Cipher algorithm. Valid codes listed in ALG_* constants above, for example, ALG_DES_CBC_NOPAD.
externalAccess - true indicates that the instance will be shared among multiple applet instances and that the Cipher instance will also be accessed (via a Shareable interface) when the owner of the Cipher instance is not the currently selected applet. If true the implementation must not allocate CLEAR_ON_DESELECT transient space for internal data.
- Returns:
- the Cipher object instance of the requested algorithm
- Throws:
CryptoException - with the following reason codes:
- CryptoException.NO_SUCH_ALGORITHM if the requested algorithm is not supported or shared access mode is not supported.
- See Also:
getInstance(byte, byte, boolean), getAlgorithm()
-
getInstance
public static final Cipher getInstance(byte cipherAlgorithm, byte paddingAlgorithm, boolean externalAccess) throws CryptoException
Creates a Cipher object instance of the selected raw cipher algorithm and padding algorithm.
Note:
- When the padding algorithm is built into the cipher algorithm use the PAD_NULL choice for the padding algorithm.
- Parameters:
cipherAlgorithm - the desired cipher algorithm. Valid codes listed in CIPHER_* constants in this class e.g. CIPHER_AES_CBC.
paddingAlgorithm - the desired padding algorithm. Valid codes listed in PAD_* constants in this class e.g. PAD_NULL.
externalAccess - true indicates that the instance will be shared among multiple applet instances and that the Cipher instance will also be accessed (via a Shareable interface) when the owner of the Cipher instance is not the currently selected applet. If true the implementation must not allocate CLEAR_ON_DESELECT transient space for internal data.
- Returns:
- the Cipher object instance of the requested algorithm
- Throws:
CryptoException - with the following reason codes:
- CryptoException.NO_SUCH_ALGORITHM if cipher algorithm or padding algorithm or their combination or the requested shared access mode is not supported.
- Since:
- 3.0.4
- See Also:
getInstance(byte, boolean), getCipherAlgorithm(), getPaddingAlgorithm()
-
init
public abstract void init(Key theKey, byte theMode) throws CryptoException
Initializes the Cipher object with the appropriate Key. This method should be used for algorithms which do not need initialization parameters or use default parameter values.
init() must be used to update the Cipher object with a new key. If the Key object is modified after invoking the init() method, the behavior of the update() and doFinal() methods is unspecified.
The Key is checked for consistency with the Cipher algorithm. For example, the key type must be matched. For elliptic curve algorithms, the key must represent a valid point on the curve's domain parameters. Additional key component/domain parameter strength checks are implementation specific.
Note:
- AES, DES, triple DES and Korean SEED algorithms used in modes requiring an initial vector (like CBC, CFB, CTR, XTS modes) will use 0 for initial vector (IV) if this method is used.
- For optimal performance, when the theKey parameter is a transient key, the implementation should, whenever possible, use transient space for internal storage.
- Parameters:
theKey - the key object to use for encrypting or decrypting
theMode - one of MODE_DECRYPT or MODE_ENCRYPT
- Throws:
CryptoException - with the following reason codes:
- CryptoException.ILLEGAL_VALUE if theMode option is an undefined value or if the Key is inconsistent with the Cipher implementation.
- CryptoException.UNINITIALIZED_KEY if theKey instance is uninitialized.
-
init
public abstract void init(Key theKey, byte theMode, byte[] bArray, short bOff, short bLen) throws CryptoException
Initializes the Cipher object with the appropriate Key and algorithm specific parameters.
init() must be used to update the Cipher object with a new key. If the Key object is modified after invoking the init() method, the behavior of the update() and doFinal() methods is unspecified.
The Key is checked for consistency with the Cipher algorithm. For example, the key type must be matched. For elliptic curve algorithms, the key must represent a valid point on the curve's domain parameters. Additional key component/domain parameter strength checks are implementation specific.
Note:
- DES and triple DES algorithms in CBC mode expect an 8-byte parameter value for the initial vector (IV) in bArray.
- AES algorithms expect a 16-byte parameter value in bArray for the initial vector (IV) in CBC, CFB, CTR mode or for the value of the 128-bit tweak in XTS mode.
- Korean SEED algorithms in CBC mode expect a 16-byte parameter value for the initial vector (IV) in bArray.
- AES algorithms in ECB mode, DES algorithms in ECB mode, Korean SEED algorithm in ECB mode, RSA, DSA and SM2 algorithms throw CryptoException.ILLEGAL_VALUE.
- For optimal performance, when the theKey parameter is a transient key, the implementation should, whenever possible, use transient space for internal storage.
- Parameters:
theKey - the key object to use for encrypting or decrypting.
theMode - one of MODE_DECRYPT or MODE_ENCRYPT
bArray - byte array containing algorithm specific initialization info
bOff - offset within bArray where the algorithm specific data begins
bLen - byte length of algorithm specific parameter data
- Throws:
CryptoException - with the following reason codes:
- CryptoException.ILLEGAL_VALUE if theMode option is an undefined value or if a byte array parameter option is not supported by the algorithm or if the bLen is an incorrect byte length for the algorithm specific data or if the Key is inconsistent with the Cipher implementation.
- CryptoException.UNINITIALIZED_KEY if theKey instance is uninitialized.
-
getAlgorithm
public abstract byte getAlgorithm()
Gets the Cipher algorithm.
- Returns:
- the algorithm code defined above; if the algorithm is not one of the pre-defined algorithms, 0 is returned.
- See Also:
getInstance(byte, boolean)
-
getCipherAlgorithm
public abstract byte getCipherAlgorithm()
Gets the raw cipher algorithm. Pre-defined codes listed in CIPHER_* constants in this class e.g. CIPHER_AES_CBC.
- Returns:
- the raw cipher algorithm code defined above; if the algorithm is not one of the pre-defined algorithms, 0 is returned.
- Since:
- 3.0.5
-
getPaddingAlgorithm
public abstract byte getPaddingAlgorithm()
Gets the padding algorithm. Pre-defined codes listed in PAD_* constants in this class e.g. PAD_NULL.
- Returns:
- the padding algorithm code defined in the Cipher class; if the algorithm is not one of the pre-defined algorithms, 0 is returned.
- Since:
- 3.0.5
-
doFinal
public abstract short doFinal(byte[] inBuff, short inOffset, short inLength, byte[] outBuff, short outOffset) throws CryptoException
Generates encrypted/decrypted output from all/last input data. This method must be invoked to complete a cipher operation. This method processes any remaining input data buffered by one or more calls to the update() method as well as input data supplied in the inBuff parameter.
A call to this method also resets this Cipher object to the state it was in when previously initialized via a call to init(). That is, the object is reset and available to encrypt or decrypt (depending on the operation mode that was specified in the call to init()) more data. In addition, note that the initial vector (IV) used in AES, DES and Korean SEED algorithms will be reset to 0.
Notes:
- When using block-aligned data (multiple of block size), if the input buffer, inBuff and the output buffer, outBuff refer to the same array, or if any of these arguments refer to an array view sharing components with the other argument, then the output data area must not partially overlap the input data area such that the input data is modified before it is used. Example: if inBuff==outBuff and inOffset < outOffset < inOffset+inLength, incorrect output may result.
- When non-block aligned data is presented as input data, no amount of input and output buffer data overlap is allowed. Example: if inBuff==outBuff and outOffset < inOffset+inLength, incorrect output may result.
- AES, DES, triple DES and Korean SEED algorithms in CBC mode reset the initial vector (IV) to 0. The initial vector (IV) can be re-initialized using the init(Key, byte, byte[], short, short) method.
- On decryption operations (except when ISO 9797 method 1 padding is used), the padding bytes are not written to outBuff.
- On encryption and decryption operations, the number of bytes output into outBuff may be larger or smaller than inLength or even 0.
- On decryption operations resulting in an ArrayIndexOutOfBoundsException, outBuff may be partially modified.
In addition to returning a short result, this method sets the result in an internal state which can be rechecked using assertion methods of the SensitiveResult class, if supported by the platform.
- Parameters:
inBuff - the input buffer of data to be encrypted/decrypted
inOffset - the offset into the input buffer at which to begin encryption/decryption
inLength - the byte length to be encrypted/decrypted
outBuff - the output buffer, may be the same as the input buffer
outOffset - the offset into the output buffer where the resulting output data begins
- Returns:
- number of bytes output in outBuff
- Throws:
CryptoException - with the following reason codes:
- CryptoException.UNINITIALIZED_KEY if key not initialized.
- CryptoException.INVALID_INIT if this Cipher object is not initialized.
- CryptoException.ILLEGAL_USE if one of the following conditions is met:
  - This Cipher algorithm does not pad the message and the message is not block aligned.
  - This Cipher algorithm does not pad the message and no input data has been provided in inBuff or via the update() method.
  - The input message length is not supported or the message value is greater than or equal to the modulus.
  - The decrypted data is not bounded by appropriate padding bytes.
-
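Because init(Key, byte) uses a zero IV and doFinal() resets the IV to 0, a CBC caller has to supply a fresh IV through init(Key, byte, byte[], short, short) for every message. The following added example (not part of the API documentation) does that; the class name CbcMessageCipher, the IV || ciphertext layout and the choice of PAD_ISO9797_M2 are assumptions of this example.

```java
import javacard.framework.JCSystem;
import javacard.framework.Util;
import javacard.security.AESKey;
import javacard.security.CryptoException;
import javacard.security.RandomData;
import javacardx.crypto.Cipher;

/** Added example: hypothetical helper, not part of the Java Card API. */
public class CbcMessageCipher {
    private static final short BLOCK = 16; // AES block and IV size in bytes

    private final Cipher cipher;
    private final RandomData rng;
    private final AESKey key;
    private final byte[] iv; // transient scratch for the per-message IV

    public CbcMessageCipher(AESKey key) {
        this.key = key;
        // externalAccess = false: the instance is used only by the owning applet.
        cipher = Cipher.getInstance(Cipher.CIPHER_AES_CBC, Cipher.PAD_ISO9797_M2, false);
        // ALG_KEYGENERATION and nextBytes() require Java Card 3.0.5 or later.
        rng = RandomData.getInstance(RandomData.ALG_KEYGENERATION);
        iv = JCSystem.makeTransientByteArray(BLOCK, JCSystem.CLEAR_ON_RESET);
    }

    /**
     * Writes IV || ciphertext starting at out[outOff] and returns the total
     * length. The input and output regions must not overlap.
     */
    public short encrypt(byte[] in, short inOff, short inLen, byte[] out, short outOff) {
        rng.nextBytes(iv, (short) 0, BLOCK);
        // init(Key, byte) would use an all-zero IV, so pass one explicitly.
        cipher.init(key, Cipher.MODE_ENCRYPT, iv, (short) 0, BLOCK);
        Util.arrayCopyNonAtomic(iv, (short) 0, out, outOff, BLOCK);
        short n = cipher.doFinal(in, inOff, inLen, out, (short) (outOff + BLOCK));
        // doFinal() has reset the IV to 0; the next call re-initializes it.
        return (short) (BLOCK + n);
    }

    /**
     * Reads IV || ciphertext from in[inOff] and returns the plaintext length.
     * CBC gives confidentiality only: a caller that needs integrity should
     * verify a MAC over IV || ciphertext before calling this method.
     */
    public short decrypt(byte[] in, short inOff, short inLen, byte[] out, short outOff) {
        // Need the IV plus at least one padded block, in whole blocks.
        if (inLen < (short) (2 * BLOCK) || (short) (inLen % BLOCK) != 0) {
            CryptoException.throwIt(CryptoException.ILLEGAL_VALUE);
        }
        // The first block of the message is the IV chosen by the sender.
        cipher.init(key, Cipher.MODE_DECRYPT, in, inOff, BLOCK);
        return cipher.doFinal(in, (short) (inOff + BLOCK), (short) (inLen - BLOCK), out, outOff);
    }
}
```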
update
public abstract short update(byte[] inBuff, short inOffset, short inLength, byte[] outBuff, short outOffset) throws CryptoException
Generates encrypted/decrypted output from input data. This method is intended for multiple-part encryption/decryption operations.
This method requires temporary storage of intermediate results. In addition, if the input data length is not block aligned (multiple of block size) then additional internal storage may be allocated at this time to store a partial input data block. This may result in additional resource consumption and/or slow performance.
This method should only be used if all the input data required for the cipher is not available in one byte array. If all the input data required for the cipher is located in a single byte array, use of the doFinal() method to process all of the input data is recommended. The doFinal() method must be invoked to complete processing of any remaining input data buffered by one or more calls to the update() method.
Notes:
- When using block-aligned data (multiple of block size), if the input buffer, inBuff and the output buffer, outBuff are the same array, then the output data area must not partially overlap the input data area such that the input data is modified before it is used; if inBuff==outBuff and inOffset < outOffset < inOffset+inLength, incorrect output may result.
- When non-block aligned data is presented as input data, no amount of input and output buffer data overlap is allowed; if inBuff==outBuff and outOffset < inOffset+inLength, incorrect output may result.
- On decryption operations (except when ISO 9797 method 1 padding is used), the padding bytes are not written to outBuff.
- On encryption and decryption operations, block alignment considerations may require that the number of bytes output into outBuff be larger or smaller than inLength or even 0.
- If inLength is 0 this method does nothing.
In addition to returning a short result, this method sets the result in an internal state which can be rechecked using assertion methods of the SensitiveResult class, if supported by the platform.
- Parameters:
inBuff - the input buffer of data to be encrypted/decrypted
inOffset - the offset into the input buffer at which to begin encryption/decryption
inLength - the byte length to be encrypted/decrypted
outBuff - the output buffer, may be the same as the input buffer
outOffset - the offset into the output buffer where the resulting ciphertext/plaintext begins
- Returns:
- number of bytes output in outBuff
- Throws:
CryptoException - with the following reason codes:
- CryptoException.UNINITIALIZED_KEY if key not initialized.
- CryptoException.INVALID_INIT if this Cipher object is not initialized.
- CryptoException.ILLEGAL_USE if the input message length is not supported or the message value is greater than or equal to the modulus.
-
-
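The buffer-overlap notes of doFinal() and update() can be enforced before the call instead of being discovered as corrupted output. This added example (not part of the API documentation) uses a hypothetical OverlapGuard class; it assumes a single doFinal() call with no earlier update() data buffered, and that the caller knows the cipher's block size.

```java
import javacard.security.CryptoException;
import javacardx.crypto.Cipher;

/** Added example: hypothetical wrapper, not part of the Java Card API. */
public final class OverlapGuard {
    private OverlapGuard() {
    }

    /**
     * Returns true when the arguments avoid the overlap patterns that the
     * doFinal()/update() notes say may produce incorrect output.
     * Only array references are compared, so an array view that shares
     * components with the other buffer is not detected here.
     */
    public static boolean isSafe(byte[] inBuff, short inOffset, short inLength,
                                 byte[] outBuff, short outOffset, short blockSize) {
        if (inOffset < 0 || inLength < 0 || outOffset < 0 || blockSize <= 0) {
            return false;
        }
        short inEnd = (short) (inOffset + inLength);
        if (inEnd < inOffset) {
            return false; // offset + length overflowed a short
        }
        if (inBuff != outBuff) {
            return true; // distinct arrays cannot overlap
        }
        if ((short) (inLength % blockSize) == 0) {
            // Block aligned: in place (outOffset == inOffset) or output that
            // starts before the input is fine; output that starts inside
            // the input region is the documented failure case.
            return !(inOffset < outOffset && outOffset < inEnd);
        }
        // Not block aligned: the output must start at or after the input end.
        return outOffset >= inEnd;
    }

    /** Calls doFinal() only when the buffer layout is safe. */
    public static short doFinal(Cipher cipher, short blockSize,
                                byte[] inBuff, short inOffset, short inLength,
                                byte[] outBuff, short outOffset) {
        if (!isSafe(inBuff, inOffset, inLength, outBuff, outOffset, blockSize)) {
            CryptoException.throwIt(CryptoException.ILLEGAL_USE);
        }
        return cipher.doFinal(inBuff, inOffset, inLength, outBuff, outOffset);
    }
}
```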