Implements abstract javax.crypto.CipherSpi.engineDoFinal.

Doc from javax.crypto.CipherSpi.engineDoFinal.

Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation. The data is encrypted or decrypted, depending on how this CipherSpi object was initialized.

The first inputLen bytes in the input buffer, starting at inputOffset inclusive, and any input bytes that may have been buffered during a previous update operation, are processed, with padding (if requested) being applied. If an AEAD mode (such as GCM or CCM) is being used, the authentication tag is appended in the case of encryption, or verified in the case of decryption. The result is stored in a new buffer.

Upon finishing, this method resets this CipherSpi object to the state it was in when previously initialized via a call to engineInit. That is, the object is reset and available to encrypt or decrypt (depending on the operation mode that was specified in the call to engineInit) more data.

Parameters

in:byte[]

the input buffer

inOfs:int

the offset in input where the input starts

inLen:int

the input length

Returns:byte[]

the new buffer with the result

Exceptions

IllegalBlockSizeException:

if this cipher is a block cipher, no padding has been requested (only in encryption mode), and the total input length of the data processed by this cipher is not a multiple of block size; or if this encryption algorithm is unable to process the input data provided

BadPaddingException:

if this CipherSpi object is in decryption mode, and (un)padding has been requested, but the decrypted data is not bounded by the appropriate padding bytes

Implements abstract javax.crypto.CipherSpi.engineDoFinal.

Doc from javax.crypto.CipherSpi.engineDoFinal.

Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation. The data is encrypted or decrypted, depending on how this CipherSpi object was initialized.

The first inputLen bytes in the input buffer, starting at inputOffset inclusive, and any input bytes that may have been buffered during a previous update operation, are processed, with padding (if requested) being applied. If an AEAD mode such as GCM or CCM is being used, the authentication tag is appended in the case of encryption, or verified in the case of decryption. The result is stored in the output buffer, starting at outputOffset inclusive.

If the output buffer is too small to hold the result, a ShortBufferException is thrown.

Upon finishing, this method resets this CipherSpi object to the state it was in when previously initialized via a call to engineInit. That is, the object is reset and available to encrypt or decrypt (depending on the operation mode that was specified in the call to engineInit) more data.

Parameters

in:byte[]

the input buffer

inOfs:int

the offset in input where the input starts

inLen:int

the input length

out:byte[]

the buffer for the result

outOfs:int

the offset in output where the result is stored

Returns:int

the number of bytes stored in output

Exceptions

ShortBufferException:

if the given output buffer is too small to hold the result

IllegalBlockSizeException:

if this cipher is a block cipher, no padding has been requested (only in encryption mode), and the total input length of the data processed by this cipher is not a multiple of block size; or if this encryption algorithm is unable to process the input data provided

BadPaddingException:

if this CipherSpi object is in decryption mode, and (un)padding has been requested, but the decrypted data is not bounded by the appropriate padding bytes

Overrides javax.crypto.CipherSpi.engineDoFinal.

Doc from javax.crypto.CipherSpi.engineDoFinal.

Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation. The data is encrypted or decrypted, depending on how this CipherSpi object was initialized.

All input.remaining() bytes starting at input.position() are processed. If an AEAD mode such as GCM or CCM is being used, the authentication tag is appended in the case of encryption, or verified in the case of decryption. The result is stored in the output buffer. Upon return, the input buffer's position will be equal to its limit; its limit will not have changed. The output buffer's position will have advanced by n, where n is the value returned by this method; the output buffer's limit will not have changed.

If output.remaining() bytes are insufficient to hold the result, a ShortBufferException is thrown.

Upon finishing, this method resets this CipherSpi object to the state it was in when previously initialized via a call to engineInit. That is, the object is reset and available to encrypt or decrypt (depending on the operation mode that was specified in the call to engineInit more data.

Subclasses should consider overriding this method if they can process ByteBuffers more efficiently than byte arrays.

Parameters

inBuffer:ByteBuffer

the input ByteBuffer

outBuffer:ByteBuffer

the output ByteBuffer

Returns:int

the number of bytes stored in output

Annotations

@Override

Exceptions

ShortBufferException:

if there is insufficient space in the output buffer

IllegalBlockSizeException:

if this cipher is a block cipher, no padding has been requested (only in encryption mode), and the total input length of the data processed by this cipher is not a multiple of block size; or if this encryption algorithm is unable to process the input data provided

BadPaddingException:

if this CipherSpi object is in decryption mode, and (un)padding has been requested, but the decrypted data is not bounded by the appropriate padding bytes

Implements abstract javax.crypto.CipherSpi.engineGetBlockSize.

Doc from javax.crypto.CipherSpi.engineGetBlockSize.

Returns the block size (in bytes).

Returns:int

the block size (in bytes), or 0 if the algorithm is not a block cipher

Implements abstract javax.crypto.CipherSpi.engineGetIV.

Doc from javax.crypto.CipherSpi.engineGetIV.

Returns the initialization vector (IV) in a new buffer.

This is useful in the context of password-based encryption or decryption, where the IV is derived from a user-provided passphrase.

Returns:byte[]

the initialization vector in a new buffer, or null if the algorithm does not use an IV, or if the IV has not yet been set

Overrides javax.crypto.CipherSpi.engineGetKeySize.

Doc from javax.crypto.CipherSpi.engineGetKeySize.

Returns the key size of the given key object in bits.

This concrete method has been added to this previously-defined abstract class. It throws an UnsupportedOperationException if it is not overridden by the provider.

Parameters

key:Key

the key object

Returns:int

the key size of the given key object

Annotations

@Override

Exceptions

InvalidKeyException:

if key is invalid

Implements abstract javax.crypto.CipherSpi.engineGetOutputSize.

Doc from javax.crypto.CipherSpi.engineGetOutputSize.

Returns the length in bytes that an output buffer would need to be in order to hold the result of the next update or doFinal operation, given the input length inputLen (in bytes).

This call takes into account any unprocessed (buffered) data from a previous update call, padding, and AEAD tagging.

The actual output length of the next update or doFinal call may be smaller than the length returned by this method.

Parameters

inputLen:int

the input length (in bytes)

Returns:int

the required output buffer size (in bytes)

Implements abstract javax.crypto.CipherSpi.engineGetParameters.

Doc from javax.crypto.CipherSpi.engineGetParameters.

Returns the parameters used with this cipher.

The returned parameters may be the same that were used to initialize this cipher, or may contain additional default or random parameter values used by the underlying cipher implementation. If the required parameters were not supplied and can be generated by the cipher, the generated parameters are returned. Otherwise, null is returned.

Returns:AlgorithmParameters

the parameters used with this cipher, or null

Implements abstract javax.crypto.CipherSpi.engineInit.

Doc from javax.crypto.CipherSpi.engineInit.

Initializes this CipherSpi object with a key and a source of randomness.

The CipherSpi object is initialized for one of the following four operations: encryption, decryption, key wrapping or key unwrapping, depending on the value of opmode.

If this cipher requires any algorithm parameters that cannot be derived from the given key, the underlying cipher implementation is supposed to generate the required parameters itself (using provider-specific default or random values) if it is being initialized for encryption or key wrapping, and raise an InvalidKeyException if it is being initialized for decryption or key unwrapping. The generated parameters can be retrieved using engineGetParameters or engineGetIV (if the parameter is an IV).

If this cipher requires algorithm parameters that cannot be derived from the input parameters, and there are no reasonable provider-specific default values, initialization will necessarily fail.

If this cipher (including its feedback or padding scheme) requires any random bytes (e.g., for parameter generation), it will get them from random.

Note that when a CipherSpi object is initialized, it loses all previously-acquired state. In other words, initializing a CipherSpi object is equivalent to creating a new instance of that CipherSpi object and initializing it.

Parameters

opmode:int

the operation mode of this CipherSpi object (this is one of the following: ENCRYPT_MODE, DECRYPT_MODE, WRAP_MODE or UNWRAP_MODE)

key:Key

the encryption key

random:SecureRandom

the source of randomness

Exceptions

InvalidKeyException:

if the given key is inappropriate for initializing this cipher, or requires algorithm parameters that cannot be determined from the given key

Implements abstract javax.crypto.CipherSpi.engineInit.

Doc from javax.crypto.CipherSpi.engineInit.

Initializes this CipherSpi object with a key, a set of algorithm parameters, and a source of randomness.

The CipherSpi object is initialized for one of the following four operations: encryption, decryption, key wrapping or key unwrapping, depending on the value of opmode.

If this cipher requires any algorithm parameters and params is null, the underlying cipher implementation is supposed to generate the required parameters itself (using provider-specific default or random values) if it is being initialized for encryption or key wrapping, and raise an InvalidAlgorithmParameterException if it is being initialized for decryption or key unwrapping. The generated parameters can be retrieved using engineGetParameters or engineGetIV (if the parameter is an IV).

If this cipher requires algorithm parameters that cannot be derived from the input parameters, and there are no reasonable provider-specific default values, initialization will necessarily fail.

If this cipher (including its feedback or padding scheme) requires any random bytes (e.g., for parameter generation), it will get them from random.

Note that when a CipherSpi object is initialized, it loses all previously-acquired state. In other words, initializing a CipherSpi object is equivalent to creating a new instance of that CipherSpi object and initializing it.

Parameters

opmode:int

the operation mode of this CipherSpi object (this is one of the following: ENCRYPT_MODE, DECRYPT_MODE, WRAP_MODE, or UNWRAP_MODE)

key:Key

the encryption key

params:AlgorithmParameterSpec

the algorithm parameters

random:SecureRandom

the source of randomness

Exceptions

InvalidKeyException:

if the given key is inappropriate for initializing this cipher

InvalidAlgorithmParameterException:

if the given algorithm parameters are inappropriate for this cipher, or if this cipher requires algorithm parameters and params is null

Implements abstract javax.crypto.CipherSpi.engineInit.

Doc from javax.crypto.CipherSpi.engineInit.

Initializes this CipherSpi object with a key, a set of algorithm parameters, and a source of randomness.

The CipherSpi object is initialized for one of the following four operations: encryption, decryption, key wrapping or key unwrapping, depending on the value of opmode.

If this cipher requires any algorithm parameters and params is null, the underlying cipher implementation is supposed to generate the required parameters itself (using provider-specific default or random values) if it is being initialized for encryption or key wrapping, and raise an InvalidAlgorithmParameterException if it is being initialized for decryption or key unwrapping. The generated parameters can be retrieved using engineGetParameters or engineGetIV (if the parameter is an IV).

If this cipher requires algorithm parameters that cannot be derived from the input parameters, and there are no reasonable provider-specific default values, initialization will necessarily fail.

If this cipher (including its feedback or padding scheme) requires any random bytes (e.g., for parameter generation), it will get them from random.

Note that when a CipherSpi object is initialized, it loses all previously-acquired state. In other words, initializing a CipherSpi object is equivalent to creating a new instance of that CipherSpi object and initializing it.

Parameters

opmode:int

the operation mode of this CipherSpi object (this is one of the following: ENCRYPT_MODE, DECRYPT_MODE, WRAP_MODE, or UNWRAP_MODE)

key:Key

the encryption key

params:AlgorithmParameters

the algorithm parameters

random:SecureRandom

the source of randomness

Exceptions

InvalidKeyException:

if the given key is inappropriate for initializing this cipher

InvalidAlgorithmParameterException:

if the given algorithm parameters are inappropriate for this cipher, or if this cipher requires algorithm parameters and params is null

Implements abstract javax.crypto.CipherSpi.engineSetMode.

Doc from javax.crypto.CipherSpi.engineSetMode.

Sets the mode of this cipher.

Parameters

mode:String

the cipher mode

Exceptions

NoSuchAlgorithmException:

if the requested cipher mode does not exist

Implements abstract javax.crypto.CipherSpi.engineSetPadding.

Doc from javax.crypto.CipherSpi.engineSetPadding.

Sets the padding mechanism of this cipher.

Parameters

padding:String

the padding mechanism

Exceptions

NoSuchPaddingException:

if the requested padding mechanism does not exist

Overrides javax.crypto.CipherSpi.engineUnwrap.

Doc from javax.crypto.CipherSpi.engineUnwrap.

Unwrap a previously wrapped key.

This concrete method has been added to this previously-defined abstract class. (For backwards compatibility, it cannot be abstract.) It may be overridden by a provider to unwrap a previously wrapped key. Such an override is expected to throw an InvalidKeyException if the given wrapped key cannot be unwrapped. If this method is not overridden, it always throws an UnsupportedOperationException.

Parameters

wrappedKey:byte[]

the key to be unwrapped

wrappedKeyAlgorithm:String

the algorithm associated with the wrapped key

wrappedKeyType:int

the type of the wrapped key. This is one of SECRET_KEY, PRIVATE_KEY, or PUBLIC_KEY.

Returns:Key

the unwrapped key

Exceptions

InvalidKeyException:

if wrappedKey does not represent a wrapped key of type wrappedKeyType for the wrappedKeyAlgorithm

NoSuchAlgorithmException:

if no installed providers can create keys of type wrappedKeyType for the wrappedKeyAlgorithm

Implements abstract javax.crypto.CipherSpi.engineUpdate.

Doc from javax.crypto.CipherSpi.engineUpdate.

Continues a multiple-part encryption or decryption operation (depending on how this CipherSpi object was initialized), processing another data part.

The first inputLen bytes in the input buffer, starting at inputOffset inclusive, are processed, and the result is stored in a new buffer.

Parameters

in:byte[]

the input buffer

inOfs:int

the offset in input where the input starts

inLen:int

the input length

Returns:byte[]

the new buffer with the result, or null if the cipher is a block cipher and the input data is too short to result in a new block

Implements abstract javax.crypto.CipherSpi.engineUpdate.

Doc from javax.crypto.CipherSpi.engineUpdate.

Continues a multiple-part encryption or decryption operation (depending on how this CipherSpi object was initialized), processing another data part.

The first inputLen bytes in the input buffer, starting at inputOffset inclusive, are processed, and the result is stored in the output buffer, starting at outputOffset inclusive.

If the output buffer is too small to hold the result, a ShortBufferException is thrown.

Parameters

in:byte[]

the input buffer

inOfs:int

the offset in input where the input starts

inLen:int

the input length

out:byte[]

the buffer for the result

outOfs:int

the offset in output where the result is stored

Returns:int

the number of bytes stored in output

Exceptions

ShortBufferException:

if the given output buffer is too small to hold the result

Overrides javax.crypto.CipherSpi.engineUpdate.

Doc from javax.crypto.CipherSpi.engineUpdate.

Continues a multiple-part encryption or decryption operation (depending on how this CipherSpi object was initialized), processing another data part.

All input.remaining() bytes starting at input.position() are processed. The result is stored in the output buffer. Upon return, the input buffer's position will be equal to its limit; its limit will not have changed. The output buffer's position will have advanced by n, where n is the value returned by this method; the output buffer's limit will not have changed.

If output.remaining() bytes are insufficient to hold the result, a ShortBufferException is thrown.

Subclasses should consider overriding this method if they can process ByteBuffers more efficiently than byte arrays.

Parameters

inBuffer:ByteBuffer

the input ByteBuffer

outBuffer:ByteBuffer

the output ByteBuffer

Returns:int

the number of bytes stored in output

Annotations

@Override

Exceptions

ShortBufferException:

if there is insufficient space in the output buffer

Overrides javax.crypto.CipherSpi.engineWrap.

Doc from javax.crypto.CipherSpi.engineWrap.

Wrap a key.

This concrete method has been added to this previously-defined abstract class. (For backwards compatibility, it cannot be abstract.) It may be overridden by a provider to wrap a key. Such an override is expected to throw an IllegalBlockSizeException or InvalidKeyException (under the specified circumstances), if the given key cannot be wrapped. If this method is not overridden, it always throws an UnsupportedOperationException.

Parameters

key:Key

the key to be wrapped

Returns:byte[]

the wrapped key

Exceptions

IllegalBlockSizeException:

if this cipher is a block cipher, no padding has been requested, and the length of the encoding of the key to be wrapped is not a multiple of the block size

InvalidKeyException:

if it is impossible or unsafe to wrap the key with this cipher (e.g., a hardware protected key is being passed to a software-only cipher)