java.lang.Object | |
↳ | javax.crypto.Cipher |
Known Direct Subclasses |
This class provides access to implementations of cryptographic ciphers for
encryption and decryption. Cipher classes can not be instantiated directly,
one has to call the Cipher's getInstance
method with the name of a
requested transformation, optionally with a provider. A transformation
specifies an operation (or a set of operations) as a string in the form:
A valid transformation would be:
Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
Constants | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
int | DECRYPT_MODE | Constant for decryption operation mode. | |||||||||
int | ENCRYPT_MODE | Constant for encryption operation mode. | |||||||||
int | PRIVATE_KEY | Constant indicating that the key to be unwrapped is a private key. | |||||||||
int | PUBLIC_KEY | Constant indicating that the key to be unwrapped is a public key. | |||||||||
int | SECRET_KEY | Constant indicating that the key to be unwrapped is a secret key. | |||||||||
int | UNWRAP_MODE | Constant for key unwrapping operation mode. | |||||||||
int | WRAP_MODE | Constant for key wrapping operation mode. |
Protected Constructors | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Creates a new Cipher instance.
|
Public Methods | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Finishes a multi-part transformation (encryption or decryption).
| |||||||||||
Finishes a multi-part transformation (encryption or decryption).
| |||||||||||
Finishes a multi-part transformation (encryption or decryption).
| |||||||||||
Finishes a multi-part transformation (encryption or decryption).
| |||||||||||
Finishes a multi-part transformation (encryption or decryption).
| |||||||||||
Finishes a multi-part transformation (encryption or decryption).
| |||||||||||
Finishes a multi-part transformation (encryption or decryption).
| |||||||||||
Returns the name of the algorithm of this cipher instance.
| |||||||||||
Returns this ciphers block size (in bytes).
| |||||||||||
Returns the exemption mechanism associated with this cipher.
| |||||||||||
Returns the initialization vector for this cipher instance.
| |||||||||||
Creates a new cipher for the specified transformation provided by the
specified provider.
| |||||||||||
Creates a new cipher for the specified transformation.
| |||||||||||
Creates a new Cipher for the specified transformation.
| |||||||||||
Returns the maximum key length for the specified transformation.
| |||||||||||
Returns the maximum cipher parameter value for the specified
transformation.
| |||||||||||
Returns the length in bytes an output buffer needs to be when this cipher
is updated with
inputLen bytes.
| |||||||||||
Returns the parameters that where used to create this cipher instance.
| |||||||||||
Returns the provider of this cipher instance.
| |||||||||||
Initializes this cipher instance with the specified key.
| |||||||||||
Initializes this cipher instance with the specified key and a source of
randomness.
| |||||||||||
Initializes this cipher instance with the specified key, algorithm
parameters and a source of randomness.
| |||||||||||
Initializes this cipher instance with the specified key, algorithm
parameters and a source of randomness.
| |||||||||||
Initializes this cipher instance with the specified key and algorithm
parameters.
| |||||||||||
Initializes this cipher instance with the public key from the specified
certificate and a source of randomness.
| |||||||||||
Initializes this cipher instance with the public key from the specified
certificate.
| |||||||||||
Initializes this cipher instance with the specified key and algorithm
parameters.
| |||||||||||
Unwraps a key using this cipher instance.
| |||||||||||
Continues a multi-part transformation (encryption or decryption).
| |||||||||||
Continues a multi-part transformation (encryption or decryption).
| |||||||||||
Continues a multi-part transformation (encryption or decryption).
| |||||||||||
Continues a multi-part transformation (encryption or decryption).
| |||||||||||
Continues a multi-part transformation (encryption or decryption).
| |||||||||||
Continues a multi-part transformation (encryption or decryption) with
Authenticated Additional Data (AAD).
| |||||||||||
Continues a multi-part transformation (encryption or decryption) with
Authenticated Additional Data (AAD).
| |||||||||||
Continues a multi-part transformation (encryption or decryption) with
Authenticated Additional Data (AAD).
| |||||||||||
Wraps a key using this cipher instance.
|
[Expand]
Inherited Methods | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
From class
java.lang.Object
|
Constant for decryption operation mode.
Constant for encryption operation mode.
Constant indicating that the key to be unwrapped is a private key.
Constant indicating that the key to be unwrapped is a public key.
Constant indicating that the key to be unwrapped is a secret key.
Constant for key unwrapping operation mode.
Constant for key wrapping operation mode.
Creates a new Cipher instance.
cipherSpi | the implementation delegate of the cipher. |
---|---|
provider | the provider of the implementation of this cipher. |
transformation | the name of the transformation that this cipher performs. |
NullPointerException | if either cipherSpi is null or provider is null and cipherSpi is a NullCipherSpi .
|
---|
Finishes a multi-part transformation (encryption or decryption).
Processes any bytes that may have been buffered in previous update
calls.
The final transformed bytes are stored in the output
buffer.
output | the output buffer. |
---|---|
outputOffset | the offset in the output buffer. |
IllegalBlockSizeException | if the size of the resulting bytes is not a multiple of the cipher block size. |
---|---|
ShortBufferException | if the size of the output buffer is too small. |
BadPaddingException | if the padding of the data does not match the padding scheme. |
IllegalStateException | if this cipher instance is not initialized for encryption or decryption. |
Finishes a multi-part transformation (encryption or decryption).
Processes the inputLen
bytes in input
buffer at inputOffset
, and any bytes that have been buffered in previous update
calls.
input | the input buffer. |
---|---|
inputOffset | the offset in the input buffer. |
inputLen | the length of the input |
IllegalBlockSizeException | if the size of the resulting bytes is not a multiple of the cipher block size. |
---|---|
BadPaddingException | if the padding of the data does not match the padding scheme. |
IllegalStateException | if this cipher instance is not initialized for encryption or decryption. |
IllegalArgumentException | if inputOffset and inputLen do not specify an
valid chunk in the input buffer.
|
Finishes a multi-part transformation (encryption or decryption).
Processes the inputLen
bytes in input
buffer at inputOffset
, and any bytes that have been buffered in previous update
calls.
input | the input buffer. |
---|---|
inputOffset | the offset in the input buffer. |
inputLen | the length of the input. |
output | the output buffer for the transformed bytes. |
outputOffset | the offset in the output buffer. |
ShortBufferException | if the size of the output buffer is too small. |
---|---|
IllegalBlockSizeException | if the size of the resulting bytes is not a multiple of the cipher block size. |
BadPaddingException | if the padding of the data does not match the padding scheme. |
IllegalStateException | if this cipher instance is not initialized for encryption or decryption. |
IllegalArgumentException | if inputOffset and inputLen do not specify an
valid chunk in the input buffer.
|
Finishes a multi-part transformation (encryption or decryption).
Processes the inputLen
bytes in input
buffer at inputOffset
, and any bytes that have been buffered in previous update
calls.
input | the input buffer. |
---|---|
inputOffset | the offset in the input buffer. |
inputLen | the length of the input. |
output | the output buffer for the transformed bytes. |
ShortBufferException | if the size of the output buffer is too small. |
---|---|
IllegalBlockSizeException | if the size of the resulting bytes is not a multiple of the cipher block size. |
BadPaddingException | if the padding of the data does not match the padding scheme. |
IllegalStateException | if this cipher instance is not initialized for encryption or decryption. |
IllegalArgumentException | if inputOffset and inputLen do not specify an
valid chunk in the input buffer.
|
Finishes a multi-part transformation (encryption or decryption).
Processes the bytes in input
buffer, and any bytes that have been
buffered in previous update
calls.
input | the input buffer. |
---|
IllegalBlockSizeException | if the size of the resulting bytes is not a multiple of the cipher block size. |
---|---|
BadPaddingException | if the padding of the data does not match the padding scheme. |
IllegalStateException | if this cipher instance is not initialized for encryption or decryption. |
Finishes a multi-part transformation (encryption or decryption).
Processes the input.remaining()
bytes in input
buffer at
input.position()
, and any bytes that have been buffered in
previous update
calls. The transformed bytes are placed into
output
buffer.
input | the input buffer. |
---|---|
output | the output buffer. |
ShortBufferException | if the size of the output buffer is too small. |
---|---|
IllegalBlockSizeException | if the size of the resulting bytes is not a multiple of the cipher block size. |
BadPaddingException | if the padding of the data does not match the padding scheme. |
IllegalArgumentException | if the input buffer and the output buffer are the same object. |
IllegalStateException | if this cipher instance is not initialized for encryption or decryption. |
Finishes a multi-part transformation (encryption or decryption).
Processes any bytes that may have been buffered in previous update
calls.
IllegalBlockSizeException | if the size of the resulting bytes is not a multiple of the cipher block size. |
---|---|
BadPaddingException | if the padding of the data does not match the padding scheme. |
IllegalStateException | if this cipher instance is not initialized for encryption or decryption. |
Returns the name of the algorithm of this cipher instance.
This is the name of the transformation argument used in the
getInstance
call creating this object.
Returns this ciphers block size (in bytes).
Returns the exemption mechanism associated with this cipher.
null
Returns the initialization vector for this cipher instance.
Creates a new cipher for the specified transformation provided by the specified provider.
transformation | the name of the transformation to create a cipher for. |
---|---|
provider | the name of the provider to ask for the transformation. |
NoSuchAlgorithmException | if the specified provider can not provide the
transformation, or it is null , empty or in an
invalid format. |
---|---|
NoSuchProviderException | if no provider with the specified name can be found. |
NoSuchPaddingException | if the requested padding scheme in the transformation is not available. |
IllegalArgumentException | if the specified provider is null .
|
Creates a new cipher for the specified transformation. The
provider
supplied does not have to be registered.
transformation | the name of the transformation to create a cipher for. |
---|---|
provider | the provider to ask for the transformation. |
NoSuchAlgorithmException | if the specified provider can not provide the
transformation, or it is null , empty or in an
invalid format. |
---|---|
NoSuchPaddingException | if the requested padding scheme in the transformation is not available. |
IllegalArgumentException | if the provider is null .
|
Creates a new Cipher for the specified transformation. The installed providers are searched in order for an implementation of the specified transformation. The first found provider providing the transformation is used to create the cipher. If no provider is found an exception is thrown.
transformation | the name of the transformation to create a cipher for. |
---|
NoSuchAlgorithmException | if no installed provider can provide the
transformation, or it is null , empty or in an
invalid format. |
---|---|
NoSuchPaddingException | if no installed provider can provide the padding scheme in the transformation. |
Returns the maximum key length for the specified transformation.
transformation | the transformation name. |
---|
Integer.MAX_VALUE
.NoSuchAlgorithmException | if no provider for the specified transformation can
be found. |
---|---|
NullPointerException | if transformation is null .
|
Returns the maximum cipher parameter value for the specified
transformation. If there is no maximum limit, null
is returned.
transformation | the transformation name. |
---|
null
.
Currently null
.NoSuchAlgorithmException | if no provider for the specified transformation can
be found. |
---|---|
NullPointerException | if transformation is null .
|
Returns the length in bytes an output buffer needs to be when this cipher
is updated with inputLen
bytes.
inputLen | the number of bytes of the input. |
---|
IllegalStateException | if this cipher instance is in an invalid state. |
---|
Returns the parameters that where used to create this cipher instance.
These may be a the same parameters that were used to create this cipher instance, or may be a combination of default and random parameters, depending on the underlying cipher implementation.
null
if this cipher instance does not have any
parameters.
Returns the provider of this cipher instance.
Initializes this cipher instance with the specified key.
The cipher is initialized for the specified operational mode (one of:
encryption, decryption, key wrapping or key unwrapping) depending on
opmode
.
If this cipher instance needs any algorithm parameters or random values that the specified key can not provide, the underlying implementation of this cipher is supposed to generate the required parameters (using its provider or random values).
When a cipher instance is initialized by a call to any of the init
methods, the state of the instance is overridden, meaning that it
is equivalent to creating a new instance and calling its init
method.
opmode | the operation this cipher instance should be initialized for
(one of: ENCRYPT_MODE , DECRYPT_MODE , WRAP_MODE or UNWRAP_MODE ). |
---|---|
key | the input key for the operation. |
InvalidKeyException | if the specified key can not be used to initialize this cipher instance. |
---|
Initializes this cipher instance with the specified key and a source of randomness.
The cipher is initialized for the specified operational mode (one of:
encryption, decryption, key wrapping or key unwrapping) depending on
opmode
.
If this cipher instance needs any algorithm parameters or random values
that the specified key can not provide, the underlying implementation of
this cipher is supposed to generate the required parameters (using its
provider or random values). Random values are generated using random
;
When a cipher instance is initialized by a call to any of the init
methods, the state of the instance is overridden, means it is
equivalent to creating a new instance and calling it init
method.
opmode | the operation this cipher instance should be initialized for
(one of: ENCRYPT_MODE , DECRYPT_MODE , WRAP_MODE or UNWRAP_MODE ). |
---|---|
key | the input key for the operation. |
random | the source of randomness to use. |
InvalidKeyException | if the specified key can not be used to initialize this cipher instance. |
---|---|
InvalidParameterException | if the specified opmode is invalid. |
Initializes this cipher instance with the specified key, algorithm parameters and a source of randomness.
The cipher is initialized for the specified operational mode (one of:
encryption, decryption, key wrapping or key unwrapping) depending on
opmode
.
If this cipher instance needs any algorithm parameters and params
is null
, the underlying implementation of this cipher is supposed
to generate the required parameters (using its provider or random
values). Random values are generated using random
;
When a cipher instance is initialized by a call to any of the init
methods, the state of the instance is overridden, meaning that it
is equivalent to creating a new instance and calling it init
method.
opmode | the operation this cipher instance should be initialized for
(one of: ENCRYPT_MODE , DECRYPT_MODE , WRAP_MODE or UNWRAP_MODE ). |
---|---|
key | the input key for the operation. |
params | the algorithm parameters. |
random | the source of randomness to use. |
InvalidKeyException | if the specified key can not be used to initialize this cipher instance. |
---|---|
InvalidAlgorithmParameterException | it the specified parameters are inappropriate for this cipher. |
InvalidParameterException | if the specified opmode is invalid.
|
Initializes this cipher instance with the specified key, algorithm parameters and a source of randomness.
The cipher will be initialized for the specified operation (one of:
encryption, decryption, key wrapping or key unwrapping) depending on
opmode
.
If this cipher instance needs any algorithm parameters and params
is null
, the underlying implementation of this cipher is supposed
to generate the required parameters (using its provider or random
values). Random values are generated using random
.
When a cipher instance is initialized by a call to any of the init
methods, the state of the instance is overridden, means it is
equivalent to creating a new instance and calling it init
method.
opmode | the operation this cipher instance should be initialized for
(one of: ENCRYPT_MODE , DECRYPT_MODE , WRAP_MODE or UNWRAP_MODE ). |
---|---|
key | the input key for the operation. |
params | the algorithm parameters. |
random | the source of randomness to use. |
InvalidKeyException | if the specified key can not be used to initialize this cipher instance. |
---|---|
InvalidAlgorithmParameterException | if the specified parameters are inappropriate for this cipher. |
InvalidParameterException | if the specified opmode is invalid.
|
Initializes this cipher instance with the specified key and algorithm parameters.
The cipher is initialized for the specified operational mode (one of: encryption, decryption, key wrapping or key unwrapping).
If this cipher instance needs any algorithm parameters and params
is null
, the underlying implementation of this cipher is supposed
to generate the required parameters (using its provider or random
values).
When a cipher instance is initialized by a call to any of the init
methods, the state of the instance is overridden, means it is
equivalent to creating a new instance and calling it init
method.
opmode | the operation this cipher instance should be initialized for
(one of: ENCRYPT_MODE , DECRYPT_MODE , WRAP_MODE or UNWRAP_MODE ). |
---|---|
key | the input key for the operation. |
params | the algorithm parameters. |
InvalidKeyException | if the specified key can not be used to initialize this cipher instance. |
---|---|
InvalidAlgorithmParameterException | it the specified parameters are inappropriate for this cipher. |
Initializes this cipher instance with the public key from the specified certificate and a source of randomness.
The cipher will be initialized for the specified operation (one of:
encryption, decryption, key wrapping or key unwrapping) depending on
opmode
.
It the type of the certificate is X.509 and the certificate has a key
usage extension field marked as critical, the specified opmode
has the be enabled for this key, otherwise an InvalidKeyException
is thrown.
If this cipher instance needs any algorithm parameters that the key in
the certificate can not provide, the underlying implementation of this
cipher is supposed to generate the required parameters (using its
provider or random values). Random values are generated using random
.
When a cipher instance is initialized by a call to any of the init
methods, the state of the instance is overridden, means it is
equivalent to creating a new instance and calling it init
method.
opmode | the operation this cipher instance should be initialized for
(one of: ENCRYPT_MODE , DECRYPT_MODE , WRAP_MODE or UNWRAP_MODE ). |
---|---|
certificate | the certificate. |
random | the source of randomness to be used. |
InvalidKeyException | if the public key in the certificate can not be used to initialize this cipher instance. |
---|
Initializes this cipher instance with the public key from the specified certificate.
The cipher will be initialized for the specified operation (one of:
encryption, decryption, key wrapping or key unwrapping) depending on
opmode
.
It the type of the certificate is X.509 and the certificate has a key
usage extension field marked as critical, the specified opmode
has the be enabled for this key, otherwise an InvalidKeyException
is thrown.
If this cipher instance needs any algorithm parameters that the key in the certificate can not provide, the underlying implementation of this cipher is supposed to generate the required parameters (using its provider or random values).
When a cipher instance is initialized by a call to any of the init
methods, the state of the instance is overridden, means it is
equivalent to creating a new instance and calling it init
method.
opmode | the operation this cipher instance should be initialized for
(one of: ENCRYPT_MODE , DECRYPT_MODE , WRAP_MODE or UNWRAP_MODE ). |
---|---|
certificate | the certificate. |
InvalidKeyException | if the public key in the certificate can not be used to initialize this cipher instance. |
---|
Initializes this cipher instance with the specified key and algorithm parameters.
The cipher is initialized for the specified operation (one of:
encryption, decryption, key wrapping or key unwrapping) depending on
opmode
.
If this cipher instance needs any algorithm parameters and params
is null
, the underlying implementation of this cipher is supposed
to generate the required parameters (using its provider or random
values).
When a cipher instance is initialized by a call to any of the init
methods, the state of the instance is overridden, meaning that it
is equivalent to creating a new instance and calling it init
method.
opmode | the operation this cipher instance should be initialized for
(one of: ENCRYPT_MODE , DECRYPT_MODE , WRAP_MODE or UNWRAP_MODE ). |
---|---|
key | the input key for the operation. |
params | the algorithm parameters. |
InvalidKeyException | if the specified key can not be used to initialize this cipher instance. |
---|---|
InvalidAlgorithmParameterException | it the specified parameters are inappropriate for this cipher. |
Unwraps a key using this cipher instance.
wrappedKey | the wrapped key to unwrap. |
---|---|
wrappedKeyAlgorithm | the algorithm for the wrapped key. |
wrappedKeyType | the type of the wrapped key (one of: SECRET_KEY
|
InvalidKeyException | if the wrappedKey can not be unwrapped to a key of
type wrappedKeyType for the wrappedKeyAlgorithm . |
---|---|
NoSuchAlgorithmException | if no provider can be found that can create a key of type
wrappedKeyType for the wrappedKeyAlgorithm . |
IllegalStateException | if this cipher instance is not initialized for unwrapping. |
Continues a multi-part transformation (encryption or decryption). The
input.remaining()
bytes starting at input.position()
are
transformed and stored in the output
buffer.
If the output.remaining()
is too small to hold the transformed
bytes a ShortBufferException
is thrown. Use
getOutputSize
to check for the size of the
output buffer.
input | the input buffer to transform. |
---|---|
output | the output buffer to store the result within. |
ShortBufferException | if the size of the output buffer is too small. |
---|---|
IllegalStateException | if this cipher instance is not initialized for encryption or decryption. |
IllegalArgumentException | if the input buffer and the output buffer are the identical object. |
Continues a multi-part transformation (encryption or decryption). The transformed bytes are returned.
input | the input bytes to transform. |
---|
null
if the
input has zero length.IllegalStateException | if this cipher instance is not initialized for encryption or decryption. |
---|---|
IllegalArgumentException | if the input is null .
|
Continues a multi-part transformation (encryption or decryption). The
transformed bytes are stored in the output
buffer.
If the size of the output
buffer is too small to hold the result,
a ShortBufferException
is thrown. Use
getOutputSize
to check for the size of the
output buffer.
input | the input bytes to transform. |
---|---|
inputOffset | the offset in the input to start. |
inputLen | the length of the input to transform. |
output | the output buffer. |
ShortBufferException | if the size of the output buffer is too small. |
---|---|
IllegalStateException | if this cipher instance is not initialized for encryption or decryption. |
IllegalArgumentException | if the input is null , the output is null , or
if inputOffset and inputLen do not specify a
valid chunk in the input buffer.
|
Continues a multi-part transformation (encryption or decryption). The transformed bytes are returned.
input | the input bytes to transform. |
---|---|
inputOffset | the offset in the input to start. |
inputLen | the length of the input to transform. |
null
if inputLen
is zero.IllegalStateException | if this cipher instance is not initialized for encryption or decryption. |
---|---|
IllegalArgumentException | if input is null , or if inputOffset and
inputLen do not specify a valid chunk in the input
buffer.
|
Continues a multi-part transformation (encryption or decryption). The
transformed bytes are stored in the output
buffer.
If the size of the output
buffer is too small to hold the result,
a ShortBufferException
is thrown. Use
getOutputSize
to check for the size of the
output buffer.
input | the input bytes to transform. |
---|---|
inputOffset | the offset in the input to start. |
inputLen | the length of the input to transform. |
output | the output buffer. |
outputOffset | the offset in the output buffer. |
ShortBufferException | if the size of the output buffer is too small. |
---|---|
IllegalStateException | if this cipher instance is not initialized for encryption or decryption. |
IllegalArgumentException | if the input is null , the output is null , or
if inputOffset and inputLen do not specify a
valid chunk in the input buffer.
|
Continues a multi-part transformation (encryption or decryption) with
Authenticated Additional Data (AAD). AAD may only be added after the
Cipher
is initialized and before any data is passed to the
instance.
This is only usable with cipher modes that support Authenticated Encryption with Additional Data (AEAD) such as Galois/Counter Mode (GCM).
input | buffer of AAD to be used |
---|
IllegalStateException | if this cipher instance is not initialized for encryption or decryption. |
---|---|
UnsupportedOperationException | if the cipher does not support AEAD |
Continues a multi-part transformation (encryption or decryption) with
Authenticated Additional Data (AAD). AAD may only be added after the
Cipher
is initialized and before any data is passed to the
instance.
This is only usable with cipher modes that support Authenticated Encryption with Additional Data (AEAD) such as Galois/Counter Mode (GCM).
input | bytes of AAD to use with the cipher |
---|---|
inputOffset | offset within bytes of additional data to add to cipher |
inputLen | length of bytes of additional data to add to cipher |
IllegalStateException | if this cipher instance is not initialized for encryption or decryption. |
---|---|
IllegalArgumentException | if input is null , or if inputOffset and
inputLen do not specify a valid chunk in the input
buffer. |
UnsupportedOperationException | if the cipher does not support AEAD |
Continues a multi-part transformation (encryption or decryption) with
Authenticated Additional Data (AAD). AAD may only be added after the
Cipher
is initialized and before any data is passed to the
instance.
This is only usable with cipher modes that support Authenticated Encryption with Additional Data (AEAD) such as Galois/Counter Mode (GCM).
input | bytes of AAD to use with the cipher |
---|
IllegalStateException | if this cipher instance is not initialized for encryption or decryption. |
---|---|
IllegalArgumentException | if input is null |
UnsupportedOperationException | if the cipher does not support AEAD |
Wraps a key using this cipher instance.
key | the key to wrap. |
---|
IllegalBlockSizeException | if the size of the resulting bytes is not a multiple of the cipher block size. |
---|---|
InvalidKeyException | if this cipher instance can not wrap this key. |
IllegalStateException | if this cipher instance is not initialized for wrapping. |