public abstract class Cipher extends Object
The Cipher class is the abstract base class for Cipher algorithms. Implementations of Cipher algorithms must extend this class and implement all the abstract methods.
The term "pad" is used in the public key cipher algorithms below to refer to all the operations specified in the referenced scheme to transform the message block into the cipher block size.
The asymmetric key algorithms encrypt using either a public key (to cipher) or a private key (to sign). In addition they decrypt using either a private key (to decipher) or a public key (to verify). However, some padding schemes, such as PKCS#1-OAEP, are intended for encryption or decryption operations only, and their use should therefore be limited to that purpose.
A tear or card reset event resets an initialized Cipher object to the state it was in when previously initialized via a call to init(). For algorithms which support keys with transient key data sets, such as DES, triple DES, AES and Korean SEED, the Cipher object key becomes uninitialized on clear events associated with the Key object used to initialize the Cipher object.
Even if a transaction is in progress, update of intermediate result state in the implementation instance shall not participate in the transaction.
Note:
init(Key, byte, byte[], short, short)
method.
Modifier and Type | Class and Description |
---|---|
static class | Cipher.OneShot: The OneShot class is a specialization of the Cipher class intended to support efficient one-shot ciphering and deciphering operations that may avoid persistent memory writes entirely. |
Modifier and Type | Field and Description |
---|---|
static byte | ALG_AES_BLOCK_128_CBC_NOPAD: Cipher algorithm ALG_AES_BLOCK_128_CBC_NOPAD provides a cipher using AES with block size 128 in CBC mode and does not pad input data. |
static byte | ALG_AES_BLOCK_128_ECB_NOPAD: Cipher algorithm ALG_AES_BLOCK_128_ECB_NOPAD provides a cipher using AES with block size 128 in ECB mode and does not pad input data. |
static byte | ALG_AES_BLOCK_192_CBC_NOPAD: Deprecated. |
static byte | ALG_AES_BLOCK_192_ECB_NOPAD: Deprecated. |
static byte | ALG_AES_BLOCK_256_CBC_NOPAD: Deprecated. |
static byte | ALG_AES_BLOCK_256_ECB_NOPAD: Deprecated. |
static byte | ALG_AES_CBC_ISO9797_M1: Cipher algorithm ALG_AES_CBC_ISO9797_M1 provides a cipher using AES with block size 128 in CBC mode, and pads input data according to the ISO 9797 method 1 scheme. |
static byte | ALG_AES_CBC_ISO9797_M2: Cipher algorithm ALG_AES_CBC_ISO9797_M2 provides a cipher using AES with block size 128 in CBC mode, and pads input data according to the ISO 9797 method 2 (ISO 7816-4, EMV'96) scheme. |
static byte | ALG_AES_CBC_PKCS5: Cipher algorithm ALG_AES_CBC_PKCS5 provides a cipher using AES with block size 128 in CBC mode, and pads input data according to the PKCS#5 scheme. |
static byte | ALG_AES_CTR: Cipher algorithm ALG_AES_CTR provides a cipher using AES in counter (CTR) mode. |
static byte | ALG_AES_ECB_ISO9797_M1: Cipher algorithm ALG_AES_ECB_ISO9797_M1 provides a cipher using AES with block size 128 in ECB mode, and pads input data according to the ISO 9797 method 1 scheme. |
static byte | ALG_AES_ECB_ISO9797_M2: Cipher algorithm ALG_AES_ECB_ISO9797_M2 provides a cipher using AES with block size 128 in ECB mode, and pads input data according to the ISO 9797 method 2 (ISO 7816-4, EMV'96) scheme. |
static byte | ALG_AES_ECB_PKCS5: Cipher algorithm ALG_AES_ECB_PKCS5 provides a cipher using AES with block size 128 in ECB mode, and pads input data according to the PKCS#5 scheme. |
static byte | ALG_DES_CBC_ISO9797_M1: Cipher algorithm ALG_DES_CBC_ISO9797_M1 provides a cipher using DES in CBC mode or triple DES in outer CBC mode, and pads input data according to the ISO 9797 method 1 scheme. |
static byte | ALG_DES_CBC_ISO9797_M2: Cipher algorithm ALG_DES_CBC_ISO9797_M2 provides a cipher using DES in CBC mode or triple DES in outer CBC mode, and pads input data according to the ISO 9797 method 2 (ISO 7816-4, EMV'96) scheme. |
static byte | ALG_DES_CBC_NOPAD: Cipher algorithm ALG_DES_CBC_NOPAD provides a cipher using DES in CBC mode or triple DES in outer CBC mode, and does not pad input data. |
static byte | ALG_DES_CBC_PKCS5: Cipher algorithm ALG_DES_CBC_PKCS5 provides a cipher using DES in CBC mode or triple DES in outer CBC mode, and pads input data according to the PKCS#5 scheme. |
static byte | ALG_DES_ECB_ISO9797_M1: Cipher algorithm ALG_DES_ECB_ISO9797_M1 provides a cipher using DES in ECB mode, and pads input data according to the ISO 9797 method 1 scheme. |
static byte | ALG_DES_ECB_ISO9797_M2: Cipher algorithm ALG_DES_ECB_ISO9797_M2 provides a cipher using DES in ECB mode, and pads input data according to the ISO 9797 method 2 (ISO 7816-4, EMV'96) scheme. |
static byte | ALG_DES_ECB_NOPAD: Cipher algorithm ALG_DES_ECB_NOPAD provides a cipher using DES in ECB mode, and does not pad input data. |
static byte | ALG_DES_ECB_PKCS5: Cipher algorithm ALG_DES_ECB_PKCS5 provides a cipher using DES in ECB mode, and pads input data according to the PKCS#5 scheme. |
static byte | ALG_KOREAN_SEED_CBC_NOPAD: Cipher algorithm ALG_KOREAN_SEED_CBC_NOPAD provides a cipher using the Korean SEED algorithm specified in the Korean SEED Algorithm specification provided by KISA, Korea Information Security Agency in CBC mode and does not pad input data. |
static byte | ALG_KOREAN_SEED_ECB_NOPAD: Cipher algorithm ALG_KOREAN_SEED_ECB_NOPAD provides a cipher using the Korean SEED algorithm specified in the Korean SEED Algorithm specification provided by KISA, Korea Information Security Agency in ECB mode and does not pad input data. |
static byte | ALG_RSA_ISO14888: Deprecated. |
static byte | ALG_RSA_ISO9796: Deprecated. |
static byte | ALG_RSA_NOPAD: Cipher algorithm ALG_RSA_NOPAD provides a cipher using RSA and does not pad input data. |
static byte | ALG_RSA_PKCS1: Cipher algorithm ALG_RSA_PKCS1 provides a cipher using RSA, and pads input data according to the PKCS#1 (v1.5) scheme. |
static byte | ALG_RSA_PKCS1_OAEP: Cipher algorithm ALG_RSA_PKCS1_OAEP provides a cipher using RSA, and pads input data according to the PKCS#1-OAEP scheme (IEEE 1363-2000). |
static byte | CIPHER_AES_CBC: Cipher algorithm CIPHER_AES_CBC choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method. |
static byte | CIPHER_AES_ECB: Cipher algorithm CIPHER_AES_ECB choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method. |
static byte | CIPHER_DES_CBC: Cipher algorithm CIPHER_DES_CBC choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method. |
static byte | CIPHER_DES_ECB: Cipher algorithm CIPHER_DES_ECB choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method. |
static byte | CIPHER_KOREAN_SEED_CBC: Cipher algorithm CIPHER_KOREAN_SEED_CBC choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method. |
static byte | CIPHER_KOREAN_SEED_ECB: Cipher algorithm CIPHER_KOREAN_SEED_ECB choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method. |
static byte | CIPHER_RSA: Cipher algorithm CIPHER_RSA choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method. |
static byte | MODE_DECRYPT: Used in init() methods to indicate decryption mode. |
static byte | MODE_ENCRYPT: Used in init() methods to indicate encryption mode. |
static byte | PAD_ISO9796: Padding algorithm PAD_ISO9796 choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method. |
static byte | PAD_ISO9796_MR: Padding algorithm PAD_ISO9796_MR choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method. |
static byte | PAD_ISO9797_1_M1_ALG3: Padding algorithm PAD_ISO9797_1_M1_ALG3 choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method. |
static byte | PAD_ISO9797_1_M2_ALG3: Padding algorithm PAD_ISO9797_1_M2_ALG3 choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method. |
static byte | PAD_ISO9797_M1: Padding algorithm PAD_ISO9797_M1 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. |
static byte | PAD_ISO9797_M2: Padding algorithm PAD_ISO9797_M2 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. |
static byte | PAD_NOPAD: Padding algorithm PAD_NOPAD choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. |
static byte | PAD_NULL: This constant indicates that there is no discrete padding algorithm. |
static byte | PAD_PKCS1: Padding algorithm PAD_PKCS1 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. |
static byte | PAD_PKCS1_OAEP: Padding algorithm PAD_PKCS1_OAEP choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. |
static byte | PAD_PKCS1_OAEP_SHA224: Padding algorithm PAD_PKCS1_OAEP_SHA224 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. |
static byte | PAD_PKCS1_OAEP_SHA256: Padding algorithm PAD_PKCS1_OAEP_SHA256 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. |
static byte | PAD_PKCS1_OAEP_SHA3_224: Padding algorithm PAD_PKCS1_OAEP_SHA3_224 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. |
static byte | PAD_PKCS1_OAEP_SHA3_256: Padding algorithm PAD_PKCS1_OAEP_SHA3_256 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. |
static byte | PAD_PKCS1_OAEP_SHA3_384: Padding algorithm PAD_PKCS1_OAEP_SHA3_384 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. |
static byte | PAD_PKCS1_OAEP_SHA3_512: Padding algorithm PAD_PKCS1_OAEP_SHA3_512 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. |
static byte | PAD_PKCS1_OAEP_SHA384: Padding algorithm PAD_PKCS1_OAEP_SHA384 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. |
static byte | PAD_PKCS1_OAEP_SHA512: Padding algorithm PAD_PKCS1_OAEP_SHA512 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. |
static byte | PAD_PKCS1_PSS: Padding algorithm PAD_PKCS1_PSS choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. |
static byte | PAD_PKCS5: Padding algorithm PAD_PKCS5 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. |
static byte | PAD_RFC2409: Padding algorithm PAD_RFC2409 choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method. |
Modifier | Constructor and Description |
---|---|
protected | Cipher(): Protected constructor. |

Modifier and Type | Method and Description |
---|---|
abstract short | doFinal(byte[] inBuff, short inOffset, short inLength, byte[] outBuff, short outOffset): Generates encrypted/decrypted output from all/last input data. |
abstract byte | getAlgorithm(): Gets the Cipher algorithm. |
abstract byte | getCipherAlgorithm(): Gets the raw cipher algorithm. |
static Cipher | getInstance(byte algorithm, boolean externalAccess): Creates a Cipher object instance of the selected algorithm. |
static Cipher | getInstance(byte cipherAlgorithm, byte paddingAlgorithm, boolean externalAccess): Creates a Cipher object instance of the selected raw cipher algorithm and padding algorithm. |
abstract byte | getPaddingAlgorithm(): Gets the padding algorithm. |
abstract void | init(Key theKey, byte theMode): Initializes the Cipher object with the appropriate Key. |
abstract void | init(Key theKey, byte theMode, byte[] bArray, short bOff, short bLen): Initializes the Cipher object with the appropriate Key and algorithm specific parameters. |
abstract short | update(byte[] inBuff, short inOffset, short inLength, byte[] outBuff, short outOffset): Generates encrypted/decrypted output from input data. |
public static final byte ALG_DES_CBC_NOPAD
ALG_DES_CBC_NOPAD provides a cipher using DES in CBC mode or triple DES in outer CBC mode, and does not pad input data. If the input data is not (8-byte) block aligned it throws CryptoException with the reason code ILLEGAL_USE.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_DES_CBC, PAD_NOPAD constants respectively.
public static final byte ALG_DES_CBC_ISO9797_M1
ALG_DES_CBC_ISO9797_M1 provides a cipher using DES in CBC mode or triple DES in outer CBC mode, and pads input data according to the ISO 9797 method 1 scheme.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_DES_CBC, PAD_ISO9797_M1 constants respectively.
public static final byte ALG_DES_CBC_ISO9797_M2
ALG_DES_CBC_ISO9797_M2 provides a cipher using DES in CBC mode or triple DES in outer CBC mode, and pads input data according to the ISO 9797 method 2 (ISO 7816-4, EMV'96) scheme.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_DES_CBC, PAD_ISO9797_M2 constants respectively.
public static final byte ALG_DES_CBC_PKCS5
ALG_DES_CBC_PKCS5 provides a cipher using DES in CBC mode or triple DES in outer CBC mode, and pads input data according to the PKCS#5 scheme.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_DES_CBC, PAD_PKCS5 constants respectively.
public static final byte ALG_DES_ECB_NOPAD
ALG_DES_ECB_NOPAD provides a cipher using DES in ECB mode, and does not pad input data. If the input data is not (8-byte) block aligned it throws CryptoException with the reason code ILLEGAL_USE.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_DES_ECB, PAD_NOPAD constants respectively.
public static final byte ALG_DES_ECB_ISO9797_M1
ALG_DES_ECB_ISO9797_M1 provides a cipher using DES in ECB mode, and pads input data according to the ISO 9797 method 1 scheme.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_DES_ECB, PAD_ISO9797_M1 constants respectively.
public static final byte ALG_DES_ECB_ISO9797_M2
ALG_DES_ECB_ISO9797_M2 provides a cipher using DES in ECB mode, and pads input data according to the ISO 9797 method 2 (ISO 7816-4, EMV'96) scheme.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_DES_ECB, PAD_ISO9797_M2 constants respectively.
public static final byte ALG_DES_ECB_PKCS5
ALG_DES_ECB_PKCS5 provides a cipher using DES in ECB mode, and pads input data according to the PKCS#5 scheme.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_DES_ECB, PAD_PKCS5 constants respectively.
public static final byte ALG_RSA_ISO14888
ALG_RSA_ISO14888 should not be used. The ISO 14888 algorithms are intended for signatures.
public static final byte ALG_RSA_PKCS1
ALG_RSA_PKCS1 provides a cipher using RSA, and pads input data according to the PKCS#1 (v1.5) scheme.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_RSA, PAD_PKCS1 constants respectively.
Note:
public static final byte ALG_RSA_ISO9796
ALG_RSA_ISO9796 should not be used. The ISO 9796-1 algorithm was withdrawn by ISO in July 2000.
public static final byte ALG_RSA_NOPAD
ALG_RSA_NOPAD provides a cipher using RSA and does not pad input data. If the input data is bounded by incorrect padding bytes while using RSAPrivateCrtKey, incorrect output may result. If the input data is not block aligned or greater than or equal to the modulus, it throws CryptoException with the reason code ILLEGAL_USE.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_RSA, PAD_NOPAD constants respectively.
public static final byte ALG_AES_BLOCK_128_CBC_NOPAD
ALG_AES_BLOCK_128_CBC_NOPAD provides a cipher using AES with block size 128 in CBC mode and does not pad input data. If the input data is not block aligned it throws CryptoException with the reason code ILLEGAL_USE.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_AES_CBC, PAD_NOPAD constants respectively.
public static final byte ALG_AES_BLOCK_128_ECB_NOPAD
ALG_AES_BLOCK_128_ECB_NOPAD provides a cipher using AES with block size 128 in ECB mode and does not pad input data. If the input data is not block aligned it throws CryptoException with the reason code ILLEGAL_USE.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_AES_ECB, PAD_NOPAD constants respectively.
public static final byte ALG_RSA_PKCS1_OAEP
ALG_RSA_PKCS1_OAEP provides a cipher using RSA, and pads input data according to the PKCS#1-OAEP scheme (IEEE 1363-2000).
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_RSA, PAD_PKCS1_OAEP constants respectively.
public static final byte ALG_KOREAN_SEED_ECB_NOPAD
ALG_KOREAN_SEED_ECB_NOPAD provides a cipher using the Korean SEED algorithm specified in the Korean SEED Algorithm specification provided by KISA, Korea Information Security Agency in ECB mode and does not pad input data. If the input data is not block aligned it throws CryptoException with the reason code ILLEGAL_USE.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_KOREAN_SEED_ECB, PAD_NOPAD constants respectively.
public static final byte ALG_KOREAN_SEED_CBC_NOPAD
ALG_KOREAN_SEED_CBC_NOPAD provides a cipher using the Korean SEED algorithm specified in the Korean SEED Algorithm specification provided by KISA, Korea Information Security Agency in CBC mode and does not pad input data. If the input data is not block aligned it throws CryptoException with the reason code ILLEGAL_USE.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_KOREAN_SEED_CBC, PAD_NOPAD constants respectively.
public static final byte ALG_AES_BLOCK_192_CBC_NOPAD
ALG_AES_BLOCK_192_CBC_NOPAD should not be used. AES algorithms as defined by NIST in the FIPS PUB 197 standard only support a block size of 128 bits.
public static final byte ALG_AES_BLOCK_192_ECB_NOPAD
ALG_AES_BLOCK_192_ECB_NOPAD should not be used. AES algorithms as defined by NIST in the FIPS PUB 197 standard only support a block size of 128 bits.
public static final byte ALG_AES_BLOCK_256_CBC_NOPAD
ALG_AES_BLOCK_256_CBC_NOPAD should not be used. AES algorithms as defined by NIST in the FIPS PUB 197 standard only support a block size of 128 bits.
public static final byte ALG_AES_BLOCK_256_ECB_NOPAD
ALG_AES_BLOCK_256_ECB_NOPAD should not be used. AES algorithms as defined by NIST in the FIPS PUB 197 standard only support a block size of 128 bits.
public static final byte ALG_AES_CBC_ISO9797_M1
ALG_AES_CBC_ISO9797_M1 provides a cipher using AES with block size 128 in CBC mode, and pads input data according to the ISO 9797 method 1 scheme.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_AES_CBC, PAD_ISO9797_M1 constants respectively.
public static final byte ALG_AES_CBC_ISO9797_M2
ALG_AES_CBC_ISO9797_M2 provides a cipher using AES with block size 128 in CBC mode, and pads input data according to the ISO 9797 method 2 (ISO 7816-4, EMV'96) scheme.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_AES_CBC, PAD_ISO9797_M2 constants respectively.
public static final byte ALG_AES_CBC_PKCS5
ALG_AES_CBC_PKCS5 provides a cipher using AES with block size 128 in CBC mode, and pads input data according to the PKCS#5 scheme.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_AES_CBC, PAD_PKCS5 constants respectively.
public static final byte ALG_AES_ECB_ISO9797_M1
ALG_AES_ECB_ISO9797_M1 provides a cipher using AES with block size 128 in ECB mode, and pads input data according to the ISO 9797 method 1 scheme.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_AES_ECB, PAD_ISO9797_M1 constants respectively.
public static final byte ALG_AES_ECB_ISO9797_M2
ALG_AES_ECB_ISO9797_M2 provides a cipher using AES with block size 128 in ECB mode, and pads input data according to the ISO 9797 method 2 (ISO 7816-4, EMV'96) scheme.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_AES_ECB, PAD_ISO9797_M2 constants respectively.
public static final byte ALG_AES_ECB_PKCS5
ALG_AES_ECB_PKCS5 provides a cipher using AES with block size 128 in ECB mode, and pads input data according to the PKCS#5 scheme.
To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_AES_ECB, PAD_PKCS5 constants respectively.
public static final byte CIPHER_AES_CBC
Cipher algorithm CIPHER_AES_CBC choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method. The cipher algorithm provides a cipher using AES with block size 128 in CBC mode.
public static final byte CIPHER_AES_ECB
Cipher algorithm CIPHER_AES_ECB choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method. The cipher algorithm provides a cipher using AES with block size 128 in ECB mode.
public static final byte CIPHER_DES_CBC
Cipher algorithm CIPHER_DES_CBC choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method. The cipher algorithm provides a cipher using DES in CBC mode.
public static final byte CIPHER_DES_ECB
Cipher algorithm CIPHER_DES_ECB choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method. The cipher algorithm provides a cipher using DES in ECB mode.
public static final byte CIPHER_KOREAN_SEED_CBC
Cipher algorithm CIPHER_KOREAN_SEED_CBC choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method. The cipher algorithm provides a cipher using KOREAN_SEED in CBC mode.
public static final byte CIPHER_KOREAN_SEED_ECB
Cipher algorithm CIPHER_KOREAN_SEED_ECB choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method. The cipher algorithm provides a cipher using KOREAN_SEED in ECB mode.
public static final byte CIPHER_RSA
Cipher algorithm CIPHER_RSA choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method. The cipher algorithm provides a cipher using RSA.
public static final byte PAD_NULL
Signature.getInstance(byte, byte, byte, boolean) method and getInstance(byte, byte, boolean) method.
public static final byte PAD_NOPAD
Padding algorithm PAD_NOPAD choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requires that the data length is a multiple of the cipher algorithm block size. Otherwise, a CryptoException is thrown.
public static final byte PAD_ISO9797_M1
Padding algorithm PAD_ISO9797_M1 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the ISO 9797 method 1 scheme.
public static final byte PAD_ISO9797_M2
Padding algorithm PAD_ISO9797_M2 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the ISO 9797 method 2 scheme.
public static final byte PAD_ISO9797_1_M1_ALG3
Padding algorithm PAD_ISO9797_1_M1_ALG3 choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the ISO9797-1 MAC algorithm 3 with method 1.
public static final byte PAD_ISO9797_1_M2_ALG3
Padding algorithm PAD_ISO9797_1_M2_ALG3 choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the ISO9797-1 MAC algorithm 3 with method 2 (also EMV'96, EMV'2000).
public static final byte PAD_PKCS5
Padding algorithm PAD_PKCS5 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the PKCS #5 scheme.
public static final byte PAD_PKCS1
Padding algorithm PAD_PKCS1 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the PKCS#1 v1.5 scheme.
public static final byte PAD_PKCS1_PSS
Padding algorithm PAD_PKCS1_PSS choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the PKCS#1-PSS scheme (IEEE 1363-2000).
public static final byte PAD_PKCS1_OAEP
Padding algorithm PAD_PKCS1_OAEP choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the PKCS#1-OAEP scheme (IEEE 1363-2000).
public static final byte PAD_PKCS1_OAEP_SHA224
Padding algorithm PAD_PKCS1_OAEP_SHA224 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the PKCS#1-OAEP scheme (IEEE 1363-2000) with SHA224 as hash function.
public static final byte PAD_PKCS1_OAEP_SHA256
Padding algorithm PAD_PKCS1_OAEP_SHA256 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the PKCS#1-OAEP scheme (IEEE 1363-2000) with SHA256 as hash function.
public static final byte PAD_PKCS1_OAEP_SHA384
Padding algorithm PAD_PKCS1_OAEP_SHA384 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the PKCS#1-OAEP scheme (IEEE 1363-2000) with SHA384 as hash function.
public static final byte PAD_PKCS1_OAEP_SHA512
Padding algorithm PAD_PKCS1_OAEP_SHA512 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the PKCS#1-OAEP scheme (IEEE 1363-2000) with SHA512 as hash function.
public static final byte PAD_PKCS1_OAEP_SHA3_224
Padding algorithm PAD_PKCS1_OAEP_SHA3_224 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the PKCS#1-OAEP scheme (IEEE 1363-2000) with SHA3-224 as hash function.
public static final byte PAD_PKCS1_OAEP_SHA3_256
Padding algorithm PAD_PKCS1_OAEP_SHA3_256 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the PKCS#1-OAEP scheme (IEEE 1363-2000) with SHA3-256 as hash function.
public static final byte PAD_PKCS1_OAEP_SHA3_384
Padding algorithm PAD_PKCS1_OAEP_SHA3_384 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the PKCS#1-OAEP scheme (IEEE 1363-2000) with SHA3-384 as hash function.
public static final byte PAD_PKCS1_OAEP_SHA3_512
Padding algorithm PAD_PKCS1_OAEP_SHA3_512 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the PKCS#1-OAEP scheme (IEEE 1363-2000) with SHA3-512 as hash function.
public static final byte PAD_ISO9796
Padding algorithm PAD_ISO9796 choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the ISO 9796-2 scheme as specified in EMV '96 and EMV 2000.
public static final byte PAD_ISO9796_MR
Padding algorithm PAD_ISO9796_MR choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the ISO9796-2 specification with message recovery (also EMV'96, EMV'2000).
public static final byte PAD_RFC2409
Padding algorithm PAD_RFC2409 choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the RFC 2409 scheme.
public static final byte MODE_DECRYPT
Used in init() methods to indicate decryption mode.
public static final byte MODE_ENCRYPT
Used in init() methods to indicate encryption mode.
public static final byte ALG_AES_CTR
Cipher algorithm ALG_AES_CTR provides a cipher using AES in counter (CTR) mode.
public static final Cipher getInstance(byte algorithm, boolean externalAccess) throws CryptoException
Creates a Cipher object instance of the selected algorithm.
Parameters:
algorithm - the desired Cipher algorithm. Valid codes listed in ALG_* constants above, for example, ALG_DES_CBC_NOPAD.
externalAccess - true indicates that the instance will be shared among multiple applet instances and that the Cipher instance will also be accessed (via a Shareable interface) when the owner of the Cipher instance is not the currently selected applet. If true the implementation must not allocate CLEAR_ON_DESELECT transient space for internal data.
Returns:
the Cipher object instance of the requested algorithm
Throws:
CryptoException - with the following reason codes:
CryptoException.NO_SUCH_ALGORITHM if the requested algorithm is not supported or shared access mode is not supported.
See Also:
getInstance(byte, byte, boolean), getAlgorithm()
public static final Cipher getInstance(byte cipherAlgorithm, byte paddingAlgorithm, boolean externalAccess) throws CryptoException
Creates a Cipher object instance of the selected raw cipher algorithm and padding algorithm.
Note:
PAD_NULL
choice for the padding algorithm.
Parameters:
cipherAlgorithm - the desired cipher algorithm. Valid codes listed in CIPHER_* constants in this class e.g. CIPHER_AES_CBC.
paddingAlgorithm - the desired padding algorithm. Valid codes listed in PAD_* constants in this class e.g. PAD_NULL.
externalAccess - true indicates that the instance will be shared among multiple applet instances and that the Cipher instance will also be accessed (via a Shareable interface) when the owner of the Cipher instance is not the currently selected applet. If true the implementation must not allocate CLEAR_ON_DESELECT transient space for internal data.
Returns:
the Cipher object instance of the requested algorithm
Throws:
CryptoException - with the following reason codes:
CryptoException.NO_SUCH_ALGORITHM if the cipher algorithm or padding algorithm or their combination or the requested shared access mode is not supported.
See Also:
getInstance(byte, boolean), getCipherAlgorithm(), getPaddingAlgorithm()
public abstract void init(Key theKey, byte theMode) throws CryptoException
Cipher object with the appropriate Key. This method should be used for algorithms which do not need initialization parameters or use default parameter values.
init() must be used to update the Cipher object with a new key. If the Key object is modified after invoking the init() method, the behavior of the update() and doFinal() methods is unspecified.
The Key is checked for consistency with the Cipher algorithm. For example, the key type must be matched. For elliptic curve algorithms, the key must represent a valid point on the curve's domain parameters. Additional key component/domain parameter strength checks are implementation specific.
Note:
theKey parameter is a transient key, the implementation should, whenever possible, use transient space for internal storage.
theKey - the key object to use for encrypting or decrypting
theMode - one of MODE_DECRYPT or MODE_ENCRYPT
CryptoException - with the following reason codes:
CryptoException.ILLEGAL_VALUE if theMode option is an undefined value or if the Key is inconsistent with the Cipher implementation.
CryptoException.UNINITIALIZED_KEY if theKey instance is uninitialized.
public abstract void init(Key theKey, byte theMode, byte[] bArray, short bOff, short bLen) throws CryptoException
Cipher object with the appropriate Key and algorithm specific parameters.
init() must be used to update the Cipher object with a new key. If the Key object is modified after invoking the init() method, the behavior of the update() and doFinal() methods is unspecified.
The Key is checked for consistency with the Cipher algorithm. For example, the key type must be matched. For elliptic curve algorithms, the key must represent a valid point on the curve's domain parameters. Additional key component/domain parameter strength checks are implementation specific.
Note:
bArray
.
bArray
.
bArray
.
CryptoException.ILLEGAL_VALUE
.
theKey parameter is a transient key, the implementation should, whenever possible, use transient space for internal storage.
theKey - the key object to use for encrypting or decrypting.
theMode - one of MODE_DECRYPT or MODE_ENCRYPT
bArray - byte array containing algorithm specific initialization info
bOff - offset within bArray where the algorithm specific data begins
bLen - byte length of algorithm specific parameter data
CryptoException - with the following reason codes:
CryptoException.ILLEGAL_VALUE if theMode option is an undefined value or if a byte array parameter option is not supported by the algorithm or if the bLen is an incorrect byte length for the algorithm specific data or if the Key is inconsistent with the Cipher implementation.
CryptoException.UNINITIALIZED_KEY if theKey instance is uninitialized.
public abstract byte getAlgorithm()
0 is returned.
getInstance(byte, boolean)
public abstract byte getCipherAlgorithm()
CIPHER_* constants in this class e.g. CIPHER_AES_CBC.
0 is returned.
public abstract byte getPaddingAlgorithm()
PAD_* constants in this class e.g. PAD_NULL.
Cipher class; if the algorithm is not one of the pre-defined algorithms, 0 is returned.
public abstract short doFinal(byte[] inBuff, short inOffset, short inLength, byte[] outBuff, short outOffset) throws CryptoException
update() method as well as input data supplied in the inBuff parameter.
A call to this method also resets this Cipher object to the state it was in when previously initialized via a call to init(). That is, the object is reset and available to encrypt or decrypt (depending on the operation mode that was specified in the call to init()) more data. In addition, note that the initial vector (IV) used in AES, DES and Korean SEED algorithms will be reset to 0.
Notes:
inBuff and the output buffer, outBuff are the same array, then the output data area must not partially overlap the input data area such that the input data is modified before it is used; if inBuff==outBuff and inOffset < outOffset < inOffset+inLength, incorrect output may result.
inBuff==outBuff and outOffset < inOffset+inLength, incorrect output may result.
init(Key, byte, byte[], short, short) method.
outBuff.
outBuff may be larger or smaller than inLength or even 0.
ArrayIndexOutOfBoundsException, outBuff may be partially modified.
short result, this method sets the result in an internal state which can be rechecked using assertion methods of the SensitiveResult class, if supported by the platform.
inBuff - the input buffer of data to be encrypted/decrypted
inOffset - the offset into the input buffer at which to begin encryption/decryption
inLength - the byte length to be encrypted/decrypted
outBuff - the output buffer, may be the same as the input buffer
outOffset - the offset into the output buffer where the resulting output data begins
outBuff
CryptoException - with the following reason codes:
CryptoException.UNINITIALIZED_KEY if key not initialized.
CryptoException.INVALID_INIT if this Cipher object is not initialized.
CryptoException.ILLEGAL_USE if one of the following conditions is met:
Cipher algorithm does not pad the message and the message is not block aligned.
Cipher algorithm does not pad the message and no input data has been provided in inBuff or via the update() method.
public abstract short update(byte[] inBuff, short inOffset, short inLength, byte[] outBuff, short outOffset) throws CryptoException
This method requires temporary storage of intermediate results. In addition, if the input data length is not block aligned (multiple of block size) then additional internal storage may be allocated at this time to store a partial input data block. This may result in additional resource consumption and/or slow performance.
This method should only be used if all the input data required for the cipher is not available in one byte array. If all the input data required for the cipher is located in a single byte array, use of the doFinal() method to process all of the input data is recommended. The doFinal() method must be invoked to complete processing of any remaining input data buffered by one or more calls to the update() method.
Notes:
inBuff and the output buffer, outBuff are the same array, then the output data area must not partially overlap the input data area such that the input data is modified before it is used; if inBuff==outBuff and inOffset < outOffset < inOffset+inLength, incorrect output may result.
inBuff==outBuff and outOffset < inOffset+inLength, incorrect output may result.
outBuff.
outBuff be larger or smaller than inLength or even 0.
inLength is 0 this method does nothing.
short result, this method sets the result in an internal state which can be rechecked using assertion methods of the SensitiveResult class, if supported by the platform.
inBuff - the input buffer of data to be encrypted/decrypted
inOffset - the offset into the input buffer at which to begin encryption/decryption
inLength - the byte length to be encrypted/decrypted
outBuff - the output buffer, may be the same as the input buffer
outOffset - the offset into the output buffer where the resulting ciphertext/plaintext begins
outBuff
CryptoException - with the following reason codes:
CryptoException.UNINITIALIZED_KEY if key not initialized.
CryptoException.INVALID_INIT if this Cipher object is not initialized.
CryptoException.ILLEGAL_USE if the input message length is not supported or the message value is greater than or equal to the modulus.
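The following added example, which is not part of the original API documentation, shows the init(), update() and doFinal() rules above applied together for ALG_AES_BLOCK_128_CBC_NOPAD: the IV is supplied on every message because doFinal() resets it to 0, unaligned or empty input and unsafe in-place overlap are rejected before the cipher is called, and output lengths are taken from the return values. The class name CbcEncryptor, the choice of status words, and an AESKey already initialized by the applet are assumptions.

```java
import javacard.framework.ISO7816;
import javacard.framework.ISOException;
import javacard.security.AESKey;
import javacard.security.CryptoException;
import javacardx.crypto.Cipher;

/** Added example (hypothetical helper): AES-128-CBC without padding. */
public final class CbcEncryptor {
    private static final short BLOCK = 16;
    private final Cipher cipher;
    private final AESKey key; // assumed to be initialized by the applet

    public CbcEncryptor(AESKey key) {
        // externalAccess = false: the instance is not shared via Shareable.
        this.cipher = Cipher.getInstance(Cipher.ALG_AES_BLOCK_128_CBC_NOPAD, false);
        this.key = key;
    }

    /** Block-aligned in-place rule: output must not start inside unread input. */
    static boolean overlapsUnsafely(byte[] in, short inOff, short inLen,
                                    byte[] out, short outOff) {
        return in == out && inOff < outOff && outOff < (short) (inOff + inLen);
    }

    /** Encrypts one message; returns the number of bytes written to out. */
    public short encrypt(byte[] iv, short ivOff, byte[] in, short inOff,
                         short inLen, byte[] out, short outOff) {
        // NOPAD: empty or unaligned input would raise ILLEGAL_USE in doFinal().
        if (inLen <= 0 || (short) (inLen % BLOCK) != 0
                || overlapsUnsafely(in, inOff, inLen, out, outOff)) {
            ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
        }
        try {
            // doFinal() resets the IV to 0, so pass the IV on every message.
            cipher.init(key, Cipher.MODE_ENCRYPT, iv, ivOff, BLOCK);
            short head = (short) (inLen - BLOCK);
            // update() may emit more or fewer bytes than it was given: add
            // the returned counts instead of assuming head bytes were written.
            short n = cipher.update(in, inOff, head, out, outOff);
            n += cipher.doFinal(in, (short) (inOff + head), BLOCK,
                                out, (short) (outOff + n));
            return n;
        } catch (CryptoException e) {
            // Status word mapping is an assumption of this example.
            short sw = (e.getReason() == CryptoException.UNINITIALIZED_KEY)
                    ? ISO7816.SW_CONDITIONS_NOT_SATISFIED : ISO7816.SW_DATA_INVALID;
            ISOException.throwIt(sw);
            return 0; // unreachable; throwIt() always throws
        }
    }
}
```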
Copyright © 1998, 2015, Oracle and/or its affiliates. All rights reserved. Use is subject to license terms