|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object | +--javax.crypto.CipherSpi | +--iaik.security.cipher.BufferedCipher | +--iaik.security.cipher.Twofish
Extends the BufferedCipher class for adding a buffering mechanism to the underlying Twofish cipher.
Twofish is a 128-bit Feistel-type block cipher that accepts a variable-length key up to 256 bits. It has been developed by B. Schneier, J. Kelsey, D. Whiting, D. Wagner, C. Hall and N. Ferguson. It belongs to the final AES candidates. For more information consult the AES Web site at http://www.nist.gov/aes/.
You should contact the authors to determine the legal status of this algorithm!
This class only creates a BufferedCipher object for the Twofish
cipher.
Applications shall use
for creating a Twofish object. They optionally may specifiy operation mode (ECB (default), CBC, PCBC, OFB, CFB) and padding scheme (NoPadding (default), or PKCS5Padding as described in the PKCS #5: Password-Based Encryption Standard).Cipher.getInstance("Twofish", "IAIK");
When requesting this Twofish implementation without any mode specification
(Cipher.getInstance("Twofish")
), the Twofish algorithm is used in pure ECB
(Electronic Code Book) mode encrypting plaintext blocks into ciphertext blocks
independently from each other. The ECB mode is prone to codebook attacks and block
replay. A codebook attack may be successfully when being able to read plain- and
corresponding ciphertext blocks for a certain quantity of messages making it
possible to generate a codebook for decrypting blocks of further messages without
knowing the key. For being effective against codebook analyses and block replay
(often messages contain common sub-parts making it possible to unnoticed
replace these blocks) one can use the CBC mode makes the encryption of one
block of plain data conditional on all previously encrypted data blocks.
Since ECB encrypts each single block independently, it enables random access to encrypted data blocks which may be preferable for database encrypting. Often ECB is used for key-encrypting.
TwofishKeyGenerator
,
BufferedCipher
,
Cipher
Constructor Summary | |
Twofish()
Creates a Twofish object by calling the BufferedCipher constructor for the Twofish cipher. |
Method Summary | |
byte[] |
engineDoFinal(byte[] in,
int inOff,
int inLen)
Returns the result of the last step of a multi-step en/decryption operation or the result of a single-step en/decryption operation by processing the given input data and any remaining buffered data. |
int |
engineDoFinal(byte[] in,
int inOff,
int inLen,
byte[] out,
int outOff)
Performs the last step of a multi-step en/decryption operation or a single-step en/decryption operation by processing the given input data and any remaining buffered data. |
int |
engineGetBlockSize()
Returns the block size corresponding to this cipher. |
byte[] |
engineGetIV()
Returns a byte array containing the initialization vector (IV). |
protected int |
engineGetKeySize(Key key)
New method in JCE 1.2.1 |
int |
engineGetOutputSize(int inLen)
Returns the output buffer size necessary for capturing the data resulting from the next update or doFinal operation including
any data currently being buffered. |
AlgorithmParameters |
engineGetParameters()
Returns the parameters used with this cipher. |
void |
engineInit(int opmode,
Key key,
AlgorithmParameterSpec params,
SecureRandom random)
Initializes this cipher object with proper key and algorithm parameter values, and some random seed. |
void |
engineInit(int opmode,
Key key,
AlgorithmParameters params,
SecureRandom random)
Initializes this cipher object with proper key and algorithm parameter values, and some random seed. |
void |
engineInit(int opmode,
Key key,
SecureRandom random)
Initializes this cipher object with a proper key and some random seed. |
void |
engineSetMode(String mode)
Sets the mode of this cipher. |
void |
engineSetPadding(String paddingName)
Sets the padding scheme of this cipher. |
protected Key |
engineUnwrap(byte[] wrappedKey,
String wrappedKeyAlgorithm,
int wrappedKeyType)
Engine method for key unwrapping. |
byte[] |
engineUpdate(byte[] in,
int inOff,
int inLen)
This method is used to encrypt or decrypt chunks of data of any length. |
int |
engineUpdate(byte[] in,
int inOff,
int inLen,
byte[] out,
int outOff)
This method is used to encrypt or decrypt chunks of data of any length. |
protected byte[] |
engineWrap(Key key)
Engine method for key wrapping. |
int |
getModeBlockSize()
Returns the block size corresponding to the actual cipher mode. |
String |
toString()
Returns a string representation of this Cipher. |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait |
Constructor Detail |
public Twofish()
Cipher.getInstance
factory methods instead.
Cipher.getInstance(java.lang.String)
Method Detail |
public void engineInit(int opmode, Key key, AlgorithmParameterSpec params, SecureRandom random) throws InvalidKeyException, InvalidAlgorithmParameterException
Before a cipher object is ready for data processing, it has to be initialized
according to the desired cryptographic operation, which is specified by the
opmode
parameter (either ENCRYPT_MODE or DECCRYPT_MODE), e.g.:
cipher_obj.init(Cipher.ENCRYPT_MODE, key, alg_params, random_seed);
The Cipher init
will call the proper CipherSpi
engineInit
method.
engineInit
in class CipherSpi
opmode
- the operation mode for which this cipher is used
(ENCRYPT_MODE or DECRYPT_MODE)key
- the keyparams
- the algorithm parametersrandom
- the random seedInvalidKeyException
- if the given key cannot be used for initializing this cipherInvalidAlgorithmParameterException
- if the given algorithm parameters donīt match to this cipherCipher.init(int, java.security.Key)
,
CipherSpi.engineInit(int, java.security.Key, java.security.SecureRandom)
public void engineInit(int opmode, Key key, SecureRandom random) throws InvalidKeyException
Before a cipher object is ready for data processing, it has to be initialized
according to the desired cryptographic operation, which is specified by the
opmode
parameter (either ENCRYPT_MODE or DECCRYPT_MODE), e.g.:
cipher_obj.init(Cipher.ENCRYPT_MODE, key, random_seed);
The Cipher init
will call the proper CipherSpi
engineInit
method.
If this cipher (including its underlying feedback or padding scheme) requires any random bytes, it will get them from random.
engineInit
in class CipherSpi
opmode
- the operation mode for which this cipher is used
(ENCRYPT_MODE or DECRYPT_MODE)key
- the keyrandom
- the random seedInvalidKeyException
- if the given key cannot be used for
initializing this cipherCipher.init(int, java.security.Key)
,
CipherSpi.engineInit(int, java.security.Key, java.security.SecureRandom)
public void engineInit(int opmode, Key key, AlgorithmParameters params, SecureRandom random) throws InvalidKeyException, InvalidAlgorithmParameterException
Before a cipher object is ready for data processing, it has to be initialized
according to the desired cryptographic operation, which is specified by the
opmode
parameter (either ENCRYPT_MODE or DECCRYPT_MODE), e.g.:
cipher_obj.init(Cipher.ENCRYPT_MODE, key, alg_params, random_seed);
The Cipher init
will call the proper CipherSpi
engineInit
method.
engineInit
in class CipherSpi
opmode
- the operation mode for which this cipher is used
(ENCRYPT_MODE or DECRYPT_MODE)key
- the keyparams
- the algorithm parametersrandom
- the random seedInvalidKeyException
- if the given key cannot be used for initializing this cipherInvalidAlgorithmParameterException
- if the given algorithm parameters donīt match to this cipherCipher.init(int, java.security.Key)
,
CipherSpi.engineInit(int, java.security.Key, java.security.SecureRandom)
public AlgorithmParameters engineGetParameters()
CipherSpi
engineGetParameters
in class CipherSpi
javax.crypto.CipherSpi
public void engineSetPadding(String paddingName) throws NoSuchPaddingException
If an application creates a cipher object by calling
Cipher.getInstance(...)
without specifying a particular
padding scheme, engineSetMode
is supplied with the
default "NoPadding" scheme.
The following padding schemes are supported:
engineSetPadding
in class CipherSpi
paddingName
- the name of the padding schemeNoSuchPaddingException
- if this padding scheme is not supportedCipherSpi.engineSetPadding(java.lang.String)
public void engineSetMode(String mode) throws NoSuchAlgorithmException
If an application creates a cipher object by calling
Cipher.getInstance(...)
without specifying a particular
cipher mode, engineSetMode
is supplied with the
default "ECB" mode.
The following modes are supported:
engineSetMode
in class CipherSpi
mode
- the cipher modeNoSuchAlgorithmException
- if this cipher mode is not supportedCipherSpi.engineSetMode(java.lang.String)
public byte[] engineUpdate(byte[] in, int inOff, int inLen)
doFinal()
method.
This method will automatically allocate an output buffer of the right size.engineUpdate
in class CipherSpi
in
- the input data.inOff
- the offset indicating where the subarray starts in the
in
array.inLen
- the length of the subarray.isFinal
- true, if this is the last call to updateBufferedCipher.engineDoFinal(byte[], int, int, byte[], int)
,
Cipher.doFinal()
,
Cipher.update(byte[])
,
CipherSpi.engineUpdate(byte[], int, int)
public int engineUpdate(byte[] in, int inOff, int inLen, byte[] out, int outOff) throws ShortBufferException
doFinal()
method.engineUpdate
in class CipherSpi
in
- the input data.inOff
- the offset indicating where the subarray starts in the in
array.inLen
- the length of the subarray.out
- the output buffer.outOff
- the offset indicating where to start writing
the result into the output buffer.out
array.ShoetBufferException
- if the buffer size is to shortBufferedCipher.engineDoFinal(byte[], int, int, byte[], int)
,
Cipher.doFinal()
,
Cipher.update(byte[])
,
CipherSpi.engineUpdate(byte[], int, int)
public int engineGetOutputSize(int inLen)
update
or doFinal
operation including
any data currently being buffered.engineGetOutputSize
in class CipherSpi
inLen
- the number of bytes to processCipher.getOutputSize(int)
,
CipherSpi.engineGetOutputSize(int)
public byte[] engineGetIV()
null
is returned.engineGetIV
in class CipherSpi
null
otherwise.Cipher.getIV()
,
CipherSpi.engineGetIV()
public int getModeBlockSize()
public int engineGetBlockSize()
engineGetBlockSize
in class CipherSpi
Cipher.getBlockSize()
,
CipherSpi.engineGetBlockSize()
public int engineDoFinal(byte[] in, int inOff, int inLen, byte[] out, int outOff) throws ShortBufferException, IllegalBlockSizeException, BadPaddingException
The data to be processed is given in an input byte array. Beginning at
inputOffset
, only the first inputLen
bytes are
en/decrypted, including any buffered bytes of a previous update
operation. If necessary, padding is performed. The result is stored in the
given output byte array, beginning at outputOffset
. The number
of bytes stored in this byte array are returned.
engineDoFinal
in class CipherSpi
in
- the byte array holding the data to be processedinOff
- the offset indicating the start position within the input byte arrayinLen
- the number of bytes to be processedout
- the byte array for holding the resultoutOff
- the offset indicating the start position within the output byte array
to which the en/decrypted data is writtenShortBufferException
- if the given output buffer is too small for holding the resultIllegalBlockSizeException
- if the total length of the processed data is not a multiple of the
block size for a (no padding performing) block cipherBadPaddingException
- if the decrypted data is not bounded by the proper padding bytes after data
decryption including (un)paddingCipher.doFinal()
,
CipherSpi.engineDoFinal(byte[], int, int)
public byte[] engineDoFinal(byte[] in, int inOff, int inLen) throws IllegalBlockSizeException, BadPaddingException
The data to be processed is given in an input byte array. Beginning at
inputOffset
, only the first inputLen
bytes are
en/decrypted, including any buffered bytes of a previous update
operation. If necessary, padding is performed. The result is returned as
a output byte array.
engineDoFinal
in class CipherSpi
in
- the byte array holding the data to be processedinOff
- the offset indicating the start position within the input byte arrayinLen
- the number of bytes to be processedIllegalBlockSizeException
- if the total length of the processed data is not a multiple of the block size for a
(no padding performing) block cipherBadPaddingException
- if the decrypted data is not bounded by the proper padding bytes after data
decryption including (un)paddingCipher.doFinal()
,
CipherSpi.engineDoFinal(byte[], int, int)
public String toString()
toString
in class Object
protected int engineGetKeySize(Key key) throws InvalidKeyException
CipherSpi
engineGetKeySize
in class CipherSpi
protected byte[] engineWrap(Key key) throws IllegalBlockSizeException, InvalidKeyException
CipherSpi
engineWrap
in class CipherSpi
protected Key engineUnwrap(byte[] wrappedKey, String wrappedKeyAlgorithm, int wrappedKeyType) throws InvalidKeyException, NoSuchAlgorithmException
CipherSpi
engineUnwrap
in class CipherSpi
|
This Javadoc may contain text parts from Internet Standard specifications (RFC 2459, 3280, 3039, 2560, 1521, 821, 822, 2253, 1319, 1321, ,2630, 2631, 2268, 3058, 2984, 2104, 2144, 2040, 2311, 2279, see copyright note) and RSA Data Security Public-Key Cryptography Standards (PKCS#1,3,5,7,8,9,10,12, see copyright note). | ||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |