src/share/classes/javax/crypto/Cipher.java

Print this page 







  45 
  46 import sun.security.util.Debug;
  47 import sun.security.jca.*;
  48 
  49 /**
  50  * This class provides the functionality of a cryptographic cipher for
  51  * encryption and decryption. It forms the core of the Java Cryptographic
  52  * Extension (JCE) framework.
  53  *
  54  * <p>In order to create a Cipher object, the application calls the
  55  * Cipher's <code>getInstance</code> method, and passes the name of the
  56  * requested <i>transformation</i> to it. Optionally, the name of a provider
  57  * may be specified.
  58  *
  59  * <p>A <i>transformation</i> is a string that describes the operation (or
  60  * set of operations) to be performed on the given input, to produce some
  61  * output. A transformation always includes the name of a cryptographic
  62  * algorithm (e.g., <i>DES</i>), and may be followed by a feedback mode and
  63  * padding scheme.
  64  *
  65  * <p> A transformation is of the form:<p>
  66  *
  67  * <ul>
  68  * <li>"<i>algorithm/mode/padding</i>" or
  69  * <p>
  70  * <li>"<i>algorithm</i>"
  71  * </ul>
  72  *
  73  * <P> (in the latter case,
  74  * provider-specific default values for the mode and padding scheme are used).
  75  * For example, the following is a valid transformation:<p>
  76  *
  77  * <pre>
  78  *     Cipher c = Cipher.getInstance("<i>DES/CBC/PKCS5Padding</i>");
  79  * </pre>
  80  *
  81  * Using modes such as <code>CFB</code> and <code>OFB</code>, block
  82  * ciphers can encrypt data in units smaller than the cipher's actual
  83  * block size.  When requesting such a mode, you may optionally specify
  84  * the number of bits to be processed at a time by appending this number
  85  * to the mode name as shown in the "<code>DES/CFB8/NoPadding</code>" and
  86  * "<code>DES/OFB32/PKCS5Padding</code>" transformations. If no such
  87  * number is specified, a provider-specific default is used. (For
  88  * example, the SunJCE provider uses a default of 64 bits for DES.)
  89  * Thus, block ciphers can be turned into byte-oriented stream ciphers by
  90  * using an 8 bit mode such as CFB8 or OFB8.
  91  * <p>
  92  * Modes such as Authenticated Encryption with Associated Data (AEAD)
  93  * provide authenticity assurances for both confidential data and
  94  * Additional Associated Data (AAD) that is not encrypted.  (Please see
  95  * <a href="http://www.ietf.org/rfc/rfc5116.txt"> RFC 5116 </a> for more






  45 
  46 import sun.security.util.Debug;
  47 import sun.security.jca.*;
  48 
  49 /**
  50  * This class provides the functionality of a cryptographic cipher for
  51  * encryption and decryption. It forms the core of the Java Cryptographic
  52  * Extension (JCE) framework.
  53  *
  54  * <p>In order to create a Cipher object, the application calls the
  55  * Cipher's <code>getInstance</code> method, and passes the name of the
  56  * requested <i>transformation</i> to it. Optionally, the name of a provider
  57  * may be specified.
  58  *
  59  * <p>A <i>transformation</i> is a string that describes the operation (or
  60  * set of operations) to be performed on the given input, to produce some
  61  * output. A transformation always includes the name of a cryptographic
  62  * algorithm (e.g., <i>DES</i>), and may be followed by a feedback mode and
  63  * padding scheme.
  64  *
  65  * <p> A transformation is of the form:
  66  *
  67  * <ul>
  68  * <li>"<i>algorithm/mode/padding</i>" or
  69  *
  70  * <li>"<i>algorithm</i>"
  71  * </ul>
  72  *
  73  * <P> (in the latter case,
  74  * provider-specific default values for the mode and padding scheme are used).
  75  * For example, the following is a valid transformation:
  76  *
  77  * <pre>
  78  *     Cipher c = Cipher.getInstance("<i>DES/CBC/PKCS5Padding</i>");
  79  * </pre>
  80  *
  81  * Using modes such as <code>CFB</code> and <code>OFB</code>, block
  82  * ciphers can encrypt data in units smaller than the cipher's actual
  83  * block size.  When requesting such a mode, you may optionally specify
  84  * the number of bits to be processed at a time by appending this number
  85  * to the mode name as shown in the "<code>DES/CFB8/NoPadding</code>" and
  86  * "<code>DES/OFB32/PKCS5Padding</code>" transformations. If no such
  87  * number is specified, a provider-specific default is used. (For
  88  * example, the SunJCE provider uses a default of 64 bits for DES.)
  89  * Thus, block ciphers can be turned into byte-oriented stream ciphers by
  90  * using an 8 bit mode such as CFB8 or OFB8.
  91  * <p>
  92  * Modes such as Authenticated Encryption with Associated Data (AEAD)
  93  * provide authenticity assurances for both confidential data and
  94  * Additional Associated Data (AAD) that is not encrypted.  (Please see
  95  * <a href="http://www.ietf.org/rfc/rfc5116.txt"> RFC 5116 </a> for more