au.net.aba.crypto.provider
Class PBE

java.lang.Object
  |
  +--javax.crypto.CipherSpi
        |
        +--au.net.aba.crypto.provider.PBE
Direct Known Subclasses:
PBEWithMD5AndDES, PBEWithSHA1And128BitRC4

public abstract class PBE
extends CipherSpi

This class implements a basic password based encryption (PBE) algorithm. The particular implementation of PBE will specify the cipher and digest algorithms to use as well as the specific mechanism used to convert the supplied password into a secret key.


Field Summary
protected  Cipher cipher
           
static java.lang.String ident
           
 
Fields inherited from class javax.crypto.CipherSpi
ident
 
Constructor Summary
protected PBE(java.lang.String cipherName)
           
 
Method Summary
protected  byte[] engineDoFinal(byte[] input, int inputOffset, int inputLen)
          Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation.
protected  int engineDoFinal(byte[] input, int inputOff, int inputLen, byte[] output, int outputOff)
          Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation.
protected  int engineGetBlockSize()
          Returns the block size (in bytes).
protected  byte[] engineGetIV()
          Returns the initialisation vector (IV) in a new buffer.
protected  int engineGetOutputSize(int inputLen)
          Returns the length in bytes that an output buffer would need to be in order to hold the result of the next update or doFinal operation, given the input length inputLen (in bytes).
protected  java.security.AlgorithmParameters engineGetParameters()
          Returns the parameters used with this cipher.
protected  void engineInit(int opmode, java.security.Key key, java.security.spec.AlgorithmParameterSpec params, java.security.SecureRandom random)
          Initialises this cipher with a key, a set of algorithm parameters, and a source of randomness.
protected  void engineInit(int opmode, java.security.Key key, java.security.AlgorithmParameters params, java.security.SecureRandom random)
          Initialises this cipher with a key, a set of algorithm parameters, and a source of randomness.
protected  void engineInit(int opmode, java.security.Key key, java.security.SecureRandom random)
          Initialises this cipher with a key and a source of randomness.
protected  void engineSetMode(java.lang.String mode)
          Sets the mode of this cipher.
protected  void engineSetPadding(java.lang.String padding)
          Sets the padding mechanism of this cipher.
protected  byte[] engineUpdate(byte[] input, int inputOff, int inputLen)
          Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialised), processing another data part.
protected  int engineUpdate(byte[] input, int inputOff, int inputLen, byte[] output, int outputOff)
          Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialised), processing another data part.
protected abstract  void initCipher(int opmode, byte[] salt, int iteration, char[] password)
          This method is provided by the specific implementation to create the digest from the password and the algorithm parameters.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

ident

public static final java.lang.String ident

cipher

protected Cipher cipher
Constructor Detail

PBE

protected PBE(java.lang.String cipherName)
Method Detail

engineSetMode

protected void engineSetMode(java.lang.String mode)
                      throws java.security.NoSuchAlgorithmException
Sets the mode of this cipher. Generally PBE ciphers only operate in a single mode and so this method will throw an exception.
Parameters:
mode - the cipher mode
Throws:
java.security.NoSuchAlgorithmException - if the requested cipher mode does not exist
Overrides:
engineSetMode in class CipherSpi

engineSetPadding

protected void engineSetPadding(java.lang.String padding)
                         throws NoSuchPaddingException
Sets the padding mechanism of this cipher. Generally PBE ciphers only operate in a single mode and so this method will throw an exception.
Parameters:
padding - the padding mechanism
Throws:
NoSuchPaddingException - if the requested padding mechanism does not exist.
Overrides:
engineSetPadding in class CipherSpi

engineGetBlockSize

protected int engineGetBlockSize()
Returns the block size (in bytes). This method will return the block size of the underlying Cipher.
Returns:
the block size (in bytes), or 0 if the underlying algorithm is not a block cipher
Overrides:
engineGetBlockSize in class CipherSpi

engineGetOutputSize

protected int engineGetOutputSize(int inputLen)
Returns the length in bytes that an output buffer would need to be in order to hold the result of the next update or doFinal operation, given the input length inputLen (in bytes).

This method will return a result based on the underlying cipher.

Parameters:
inputLen - the input length (in bytes)
Returns:
the required output buffer size (in bytes)
Overrides:
engineGetOutputSize in class CipherSpi

engineGetIV

protected byte[] engineGetIV()
Returns the initialisation vector (IV) in a new buffer.

This is useful in the context of password-based encryption or decryption, where the IV is derived from a user-provided passphrase.

Returns:
the initialisation vector in a new buffer, or null if the underlying algorithm does not use an IV, or if the IV has not yet been set.
Overrides:
engineGetIV in class CipherSpi

engineGetParameters

protected java.security.AlgorithmParameters engineGetParameters()
Returns the parameters used with this cipher.

Currently, the PBE ciphers do not support this method.

Returns:
the parameters used with this cipher, or null if this cipher does not use any parameters.
Overrides:
engineGetParameters in class CipherSpi

engineInit

protected void engineInit(int opmode,
                          java.security.Key key,
                          java.security.SecureRandom random)
                   throws java.security.InvalidKeyException
Initialises this cipher with a key and a source of randomness.

This method of initialisation is not supported for PBE ciphers as they require parameterisation that cannot be generated by the cipher.

Overrides:
engineInit in class CipherSpi

engineInit

protected void engineInit(int opmode,
                          java.security.Key key,
                          java.security.spec.AlgorithmParameterSpec params,
                          java.security.SecureRandom random)
                   throws java.security.InvalidKeyException,
                          java.security.InvalidAlgorithmParameterException
Initialises this cipher with a key, a set of algorithm parameters, and a source of randomness.

The key must be a PBEKey and the algorithm parameter spec must be a PBEParameterSpec.

The cipher is initialised for encryption or decryption, depending on the value of opmode.

Parameters:
opmode - the operation mode of this cipher (this is either ENCRYPT_MODE or DECRYPT_MODE)
key - the encryption key
params - the algorithm parameters
random - the source of randomness
Throws:
java.security.InvalidKeyException - if the given key is not a PBEKey
java.security.InvalidAlgorithmParameterException - if the given algorithm parameter instance is not a PBEParameterSpec.
Overrides:
engineInit in class CipherSpi

engineInit

protected void engineInit(int opmode,
                          java.security.Key key,
                          java.security.AlgorithmParameters params,
                          java.security.SecureRandom random)
                   throws java.security.InvalidKeyException,
                          java.security.InvalidAlgorithmParameterException
Initialises this cipher with a key, a set of algorithm parameters, and a source of randomness.

Attempts to convert the supplied algorithm parameters into a PBEParameterSpec and then initialise the cipher as above.

Parameters:
opmode - the operation mode of this cipher (this is either ENCRYPT_MODE or DECRYPT_MODE)
key - the encryption key
params - the algorithm parameters
random - the source of randomness
Throws:
java.security.InvalidKeyException - if the given key is not a PBEKey
java.security.InvalidAlgorithmParameterException - if the given algorithm parameters cannot be converted into a PBEParameterSpec
Overrides:
engineInit in class CipherSpi

engineUpdate

protected byte[] engineUpdate(byte[] input,
                              int inputOff,
                              int inputLen)
Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialised), processing another data part.

The first inputLen bytes in the input buffer, starting at inputOffset, are processed, and the result is stored in a new buffer.

Parameters:
input - the input buffer
inputOffset - the offset in input where the input starts
inputLen - the input length
Returns:
the new buffer with the result, or null if the underlying cipher is a block cipher and the input data is too short to result in a new block.
Overrides:
engineUpdate in class CipherSpi

engineUpdate

protected int engineUpdate(byte[] input,
                           int inputOff,
                           int inputLen,
                           byte[] output,
                           int outputOff)
                    throws ShortBufferException
Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialised), processing another data part.

The first inputLen bytes in the input buffer, starting at inputOffset, are processed, and the result is stored in the output buffer, starting at outputOffset.

If the output buffer is too small to hold the result, a ShortBufferException is thrown. In this case, repeat this call with a larger output buffer. Use getOutputSize to determine how big the output buffer should be.

Parameters:
input - the input buffer
inputOffset - the offset in input where the input starts
inputLen - the input length
output - the buffer for the result
outputOffset - the offset in output where the result is stored
Returns:
the number of bytes stored in output
Throws:
ShortBufferException - if the given output buffer is too small to hold the result
Overrides:
engineUpdate in class CipherSpi

engineDoFinal

protected byte[] engineDoFinal(byte[] input,
                               int inputOffset,
                               int inputLen)
                        throws IllegalBlockSizeException,
                               BadPaddingException
Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation. The data is encrypted or decrypted, depending on how this cipher was initialised.

The first inputLen bytes in the input buffer, starting at inputOffset, and any input bytes that may have been buffered during a previous update operation, are processed, with padding (if requested) being applied. The result is stored in a new buffer.

The cipher is reset to its initial state (uninitialised) after this call.

Parameters:
input - the input buffer
inputOffset - the offset in input where the input starts
inputLen - the input length
Returns:
the new buffer with the result
Throws:
IllegalBlockSizeException - if this cipher is a block cipher, no padding has been requested (only in encryption mode), and the total input length of the data processed by this cipher is not a multiple of block size
BadPaddingException - if this cipher is in decryption mode, and (un)padding has been requested, but the decrypted data is not bounded by the appropriate padding bytes.
Overrides:
engineDoFinal in class CipherSpi

engineDoFinal

protected int engineDoFinal(byte[] input,
                            int inputOff,
                            int inputLen,
                            byte[] output,
                            int outputOff)
                     throws ShortBufferException,
                            IllegalBlockSizeException,
                            BadPaddingException
Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation. The data is encrypted or decrypted, depending on how this cipher was initialised.

The first inputLen bytes in the input buffer, starting at inputOffset, and any input bytes that may have been buffered during a previous update operation, are processed, with padding (if requested) being applied. The result is stored in the output buffer, starting at outputOffset.

If the output buffer is too small to hold the result, a ShortBufferException is thrown. In this case, repeat this call with a larger output buffer. Use getOutputSize to determine how big the output buffer should be.

Parameters:
input - the input buffer
inputOffset - - the offset in input where the input starts
inputLen - - the input length
output - - the buffer for the result
outputOffset - - the offset in output where the result is stored
Throws:
IllegalBlockSizeException - if this cipher is a block cipher, no padding has been requested (only in encryption mode), and the total input length of the data processed by this cipher is not a multiple of block size
ShortBufferException - if the given output buffer is too small to hold the result
BadPaddingException - if this cipher is in decryption mode, and (un)padding has been requested, but the decrypted data is not bounded by the appropriate padding bytes
Overrides:
engineDoFinal in class CipherSpi

initCipher

protected abstract void initCipher(int opmode,
                                   byte[] salt,
                                   int iteration,
                                   char[] password)
This method is provided by the specific implementation to create the digest from the password and the algorithm parameters. This digest is then used to create the SecretKey and the IV for the cipher.