2362N/A * Copyright (c) 2002, 2007, Oracle and/or its affiliates. All rights reserved. 0N/A * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 0N/A * This code is free software; you can redistribute it and/or modify it 0N/A * under the terms of the GNU General Public License version 2 only, as 2362N/A * published by the Free Software Foundation. Oracle designates this 0N/A * particular file as subject to the "Classpath" exception as provided 2362N/A * by Oracle in the LICENSE file that accompanied this code. 0N/A * This code is distributed in the hope that it will be useful, but WITHOUT 0N/A * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 0N/A * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 0N/A * version 2 for more details (a copy is included in the LICENSE file that 0N/A * accompanied this code). 0N/A * You should have received a copy of the GNU General Public License version 0N/A * 2 along with this work; if not, write to the Free Software Foundation, 0N/A * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 2362N/A * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 2362N/A * or visit www.oracle.com if you need additional information or have any 0N/A * This class represents the symmetric algorithms in its various modes 0N/A * (<code>ECB</code>, <code>CFB</code>, <code>OFB</code>, <code>CBC</code>, 0N/A * <code>PCBC</code>, <code>CTR</code>, and <code>CTS</code>) and 0N/A * padding schemes (<code>PKCS5Padding</code>, <code>NoPadding</code>, 0N/A * <code>ISO10126Padding</code>). 0N/A * @author Gigi Ankeny 0N/A * @see ElectronicCodeBook 0N/A * @see CipherFeedback 0N/A * @see OutputFeedback 0N/A * @see CipherBlockChaining 0N/A * @see CipherTextStealing 0N/A * unit size (number of input bytes that can be processed at a time) 0N/A * index of the content size left in the buffer 0N/A * minimum number of bytes in the buffer required for 0N/A * FeedbackCipher.encryptFinal()/decryptFinal() call. 0N/A * update() must buffer this many bytes before before starting 0N/A * currently, only CTS mode has a non-zero value due to its special 0N/A * handling on the last two blocks (the last one may be incomplete). 0N/A * number of bytes needed to make the total input length a multiple 0N/A * of the blocksize (this is used in feedback mode, when the number of 0N/A * input bytes that are processed at a time is different from the block 0N/A * internal cipher engine 0N/A * are we encrypting or decrypting? 0N/A * Block Mode constants 0N/A * Creates an instance of CipherCore with default ECB mode and 0N/A * The buffer should be usable for all cipher mode and padding 0N/A * schemes. Thus, it has to be at least (blockSize+1) for CTS. 0N/A * In decryption mode, it also hold the possible padding block. 0N/A // set mode and padding 0N/A * Sets the mode of this cipher. 0N/A * @param mode the cipher mode 0N/A * @exception NoSuchAlgorithmException if the requested cipher mode does 0N/A (
"Algorithm mode: " +
mode +
" not implemented");
0N/A (
"Invalid algorithm mode: " +
mode);
0N/A * Sets the padding mechanism of this cipher. 0N/A * @param padding the padding mechanism 0N/A * @exception NoSuchPaddingException if the requested padding mechanism 0N/A +
" not implemented");
0N/A " mode must be used with NoPadding");
0N/A * Returns the length in bytes that an output buffer would need to be in 0N/A * order to hold the result of the next <code>update</code> or 0N/A * <code>doFinal</code> operation, given the input length 0N/A * <code>inputLen</code> (in bytes). 0N/A * <p>This call takes into account any unprocessed (buffered) data from a 0N/A * previous <code>update</code> call, and padding. 0N/A * <p>The actual output length of the next <code>update</code> or 0N/A * <code>doFinal</code> call may be smaller than the length returned by 0N/A * @param inputLen the input length (in bytes) 0N/A * @return the required output buffer size (in bytes) 0N/A * Returns the initialization vector (IV) in a new buffer. 0N/A * <p>This is useful in the case where a random IV has been created 0N/A * (see <a href = "#init">init</a>), 0N/A * or in the context of password-based encryption or 0N/A * decryption, where the IV is derived from a user-provided password. 0N/A * @return the initialization vector in a new buffer, or null if the 0N/A * underlying algorithm does not use an IV, or if the IV has not yet 0N/A * Returns the parameters used with this cipher. 0N/A * <p>The returned parameters may be the same that were used to initialize 0N/A * this cipher, or may contain the default set of parameters or a set of 0N/A * randomly generated parameters used by the underlying cipher 0N/A * implementation (provided that the underlying cipher implementation 0N/A * uses a default set of parameters or creates new parameters if it needs 0N/A * parameters but was not initialized with any). 0N/A * @return the parameters used with this cipher, or null if this cipher 0N/A * does not use any parameters. 0N/A // should never happen 0N/A " AlgorithmParameters implementation in SunJCE provider");
0N/A // should never happen 0N/A // should never happen 0N/A * Initializes this cipher with a key and a source of randomness. 0N/A * <p>The cipher is initialized for one of the following four operations: 0N/A * encryption, decryption, key wrapping or key unwrapping, depending on 0N/A * the value of <code>opmode</code>. 0N/A * <p>If this cipher requires an initialization vector (IV), it will get 0N/A * it from <code>random</code>. 0N/A * This behaviour should only be used in encryption or key wrapping 0N/A * When initializing a cipher that requires an IV for decryption or 0N/A * key unwrapping, the IV 0N/A * (same IV that was used for encryption or key wrapping) must be provided 0N/A * parameter, in order to get the correct result. 0N/A * <p>This method also cleans existing buffer and other related state 0N/A * @param opmode the operation mode of this cipher (this is one of 0N/A * <code>ENCRYPT_MODE</code>, <code>DECRYPT_MODE</code>, 0N/A * <code>WRAP_MODE</code> or <code>UNWRAP_MODE</code>) 0N/A * @param key the secret key 0N/A * @param random the source of randomness 0N/A * @exception InvalidKeyException if the given key is inappropriate for 0N/A * initializing this cipher 0N/A * Initializes this cipher with a key, a set of 0N/A * algorithm parameters, and a source of randomness. 0N/A * <p>The cipher is initialized for one of the following four operations: 0N/A * encryption, decryption, key wrapping or key unwrapping, depending on 0N/A * the value of <code>opmode</code>. 0N/A * <p>If this cipher (including its underlying feedback or padding scheme) 0N/A * requires any random bytes, it will get them from <code>random</code>. 0N/A * @param opmode the operation mode of this cipher (this is one of 0N/A * <code>ENCRYPT_MODE</code>, <code>DECRYPT_MODE</code>, 0N/A * <code>WRAP_MODE</code> or <code>UNWRAP_MODE</code>) 0N/A * @param key the encryption key 0N/A * @param params the algorithm parameters 0N/A * @param random the source of randomness 0N/A * @exception InvalidKeyException if the given key is inappropriate for 0N/A * initializing this cipher 0N/A * @exception InvalidAlgorithmParameterException if the given algorithm 0N/A * parameters are inappropriate for this cipher 0N/A (
"ECB mode cannot use IV");
0N/A * Return the key bytes of the specified key. Throw an InvalidKeyException 0N/A * if the key is not usable. 0N/A // note: key.getFormat() may return null 0N/A * Continues a multiple-part encryption or decryption operation 0N/A * (depending on how this cipher was initialized), processing another data 0N/A * <p>The first <code>inputLen</code> bytes in the <code>input</code> 0N/A * buffer, starting at <code>inputOffset</code>, are processed, and the 0N/A * result is stored in a new buffer. 0N/A * @param input the input buffer 0N/A * @param inputOffset the offset in <code>input</code> where the input 0N/A * @param inputLen the input length 0N/A * @return the new buffer with the result 0N/A * @exception IllegalStateException if this cipher is in a wrong state 0N/A * (e.g., has not been initialized) 0N/A * Continues a multiple-part encryption or decryption operation 0N/A * (depending on how this cipher was initialized), processing another data 0N/A * <p>The first <code>inputLen</code> bytes in the <code>input</code> 0N/A * buffer, starting at <code>inputOffset</code>, are processed, and the 0N/A * result is stored in the <code>output</code> buffer, starting at 0N/A * <code>outputOffset</code>. 0N/A * @param input the input buffer 0N/A * @param inputOffset the offset in <code>input</code> where the input 0N/A * @param inputLen the input length 0N/A * @param output the buffer for the result 0N/A * @param outputOffset the offset in <code>output</code> where the result 0N/A * @return the number of bytes stored in <code>output</code> 0N/A * @exception ShortBufferException if the given output buffer is too small 0N/A * to hold the result 0N/A // figure out how much can be sent to crypto function 0N/A // do not include the padding bytes when decrypting 0N/A // do not count the trailing bytes which do not make up a unit 0N/A // check output buffer capacity 0N/A // there is some work to do 0N/A // Let's keep track of how many bytes are needed to make 0N/A // the total input length a multiple of blocksize when 0N/A // padding is applied 0N/A * Encrypts or decrypts data in a single-part operation, 0N/A * or finishes a multiple-part operation. 0N/A * The data is encrypted or decrypted, depending on how this cipher was 0N/A * <p>The first <code>inputLen</code> bytes in the <code>input</code> 0N/A * buffer, starting at <code>inputOffset</code>, and any input bytes that 0N/A * may have been buffered during a previous <code>update</code> operation, 0N/A * are processed, with padding (if requested) being applied. 0N/A * The result is stored in a new buffer. 0N/A * <p>The cipher is reset to its initial state (uninitialized) after this 0N/A * @param input the input buffer 0N/A * @param inputOffset the offset in <code>input</code> where the input 0N/A * @param inputLen the input length 0N/A * @return the new buffer with the result 0N/A * @exception IllegalBlockSizeException if this cipher is a block cipher, 0N/A * no padding has been requested (only in encryption mode), and the total 0N/A * input length of the data processed by this cipher is not a multiple of 0N/A * @exception BadPaddingException if this cipher is in decryption mode, 0N/A * and (un)padding has been requested, but the decrypted data is not 0N/A * bounded by the appropriate padding bytes 0N/A * Encrypts or decrypts data in a single-part operation, 0N/A * or finishes a multiple-part operation. 0N/A * The data is encrypted or decrypted, depending on how this cipher was 0N/A * <p>The first <code>inputLen</code> bytes in the <code>input</code> 0N/A * buffer, starting at <code>inputOffset</code>, and any input bytes that 0N/A * may have been buffered during a previous <code>update</code> operation, 0N/A * are processed, with padding (if requested) being applied. 0N/A * The result is stored in the <code>output</code> buffer, starting at 0N/A * <code>outputOffset</code>. 0N/A * <p>The cipher is reset to its initial state (uninitialized) after this 0N/A * @param input the input buffer 0N/A * @param inputOffset the offset in <code>input</code> where the input 0N/A * @param inputLen the input length 0N/A * @param output the buffer for the result 0N/A * @param outputOffset the offset in <code>output</code> where the result 0N/A * @return the number of bytes stored in <code>output</code> 0N/A * @exception IllegalBlockSizeException if this cipher is a block cipher, 0N/A * no padding has been requested (only in encryption mode), and the total 0N/A * input length of the data processed by this cipher is not a multiple of 0N/A * @exception ShortBufferException if the given output buffer is too small 0N/A * to hold the result 0N/A * @exception BadPaddingException if this cipher is in decryption mode, 0N/A * and (un)padding has been requested, but the decrypted data is not 0N/A * bounded by the appropriate padding bytes 0N/A // calculate the total input length 0N/A // will the total input length be a multiple of blockSize? 0N/A " when decrypting with padded cipher");
0N/A // if encrypting and padding not null, add padding 0N/A // check output buffer capacity. 0N/A // if we are decrypting with padding applied, we can perform this 0N/A // check only after we have determined how many padding bytes there 0N/A // prepare the final input avoiding copying if possible 0N/A // if the size of specified output buffer is less than 0N/A // the length of the cipher text, then the current 0N/A // content of cipher has to be preserved in order for 0N/A // users to retry the call with a larger buffer in the 0N/A // case of ShortBufferException. 0N/A // create temporary output buffer so that only "real" 0N/A // data bytes are passed to user's output buffer. 0N/A +
"properly padded");
0N/A // restore so users can retry with a larger buffer 0N/A }
else {
// encrypting 0N/A (
"Input length (with padding) not multiple of " +
0N/A // Note: Wrap() and Unwrap() are the same in 0N/A // each of SunJCE CipherSpi implementation classes. 0N/A // They are duplicated due to export control requirements: 0N/A // All CipherSpi implementation must be final. 0N/A * @param key the key to be wrapped. 0N/A * @return the wrapped key. 0N/A * @exception IllegalBlockSizeException if this cipher is a block 0N/A * cipher, no padding has been requested, and the length of the 0N/A * encoding of the key to be wrapped is not a 0N/A * multiple of the block size. 0N/A * @exception InvalidKeyException if it is impossible or unsafe to 0N/A * wrap the key with this cipher (e.g., a hardware protected key is 0N/A * being passed to a software only cipher). 0N/A "the key to be wrapped");
0N/A // Should never happen 0N/A * Unwrap a previously wrapped key. 0N/A * @param wrappedKey the key to be unwrapped. 0N/A * @param wrappedKeyAlgorithm the algorithm the wrapped key is for. 0N/A * @param wrappedKeyType the type of the wrapped key. 0N/A * This is one of <code>Cipher.SECRET_KEY</code>, 0N/A * <code>Cipher.PRIVATE_KEY</code>, or <code>Cipher.PUBLIC_KEY</code>. 0N/A * @return the unwrapped key. 0N/A * @exception NoSuchAlgorithmException if no installed providers 0N/A * can create keys of type <code>wrappedKeyType</code> for the 0N/A * <code>wrappedKeyAlgorithm</code>. 0N/A * @exception InvalidKeyException if <code>wrappedKey</code> does not 0N/A * represent a wrapped key of type <code>wrappedKeyType</code> for 0N/A * the <code>wrappedKeyAlgorithm</code>. 0N/A "the correct length");