javacardx.crypto
Class Cipher

java.lang.Object
  javacardx.crypto.Cipher

public abstract class Cipher
extends Object

The Cipher class is the abstract base class for Cipher algorithms. Implementations of Cipher algorithms must extend this class and implement all the abstract methods.

The term "pad" is used in the public key cipher algorithms below to refer to all the operations specified in the referenced scheme to transform the message block into the cipher block size.

The asymmetric key algorithms encrypt using either a public key (to cipher) or a private key (to sign). In addition they decrypt using the either a private key (to decipher) or a public key (to verify).

A tear or card reset event resets an initialized Cipher object to the state it was in when previously initialized via a call to init(). For algorithms which support keys with transient key data sets, such as DES, triple DES and AES, and Korean SEED the Cipher object key becomes uninitialized on clear events associated with the Key object used to initialize the Cipher object.

Even if a transaction is in progress, update of intermediate result state in the implementation instance shall not participate in the transaction.

Note:

• On a tear or card reset event, the AES, DES, triple DES and Korean SEED algorithms in CBC mode reset the initial vector(IV) to 0. The initial vector(IV) can be re-initialized using the init(Key, byte, byte[], short, short) method.

Field Summary

static byte	ALG_AES_BLOCK_128_CBC_NOPAD Cipher algorithm ALG_AES_BLOCK_128_CBC_NOPAD provides a cipher using AES with block size 128 in CBC mode and does not pad input data.
static byte	ALG_AES_BLOCK_128_ECB_NOPAD Cipher algorithm ALG_AES_BLOCK_128_ECB_NOPAD provides a cipher using AES with block size 128 in ECB mode and does not pad input data.
static byte	ALG_AES_BLOCK_192_CBC_NOPAD Deprecated.
static byte	ALG_AES_BLOCK_192_ECB_NOPAD Deprecated.
static byte	ALG_AES_BLOCK_256_CBC_NOPAD Deprecated.
static byte	ALG_AES_BLOCK_256_ECB_NOPAD Deprecated.
static byte	ALG_AES_CBC_ISO9797_M1 Cipher algorithm ALG_AES_CBC_ISO9797_M1 provides a cipher using AES with block size 128 in CBC mode, and pads input data according to the ISO 9797 method 1 scheme.
static byte	ALG_AES_CBC_ISO9797_M2 Cipher algorithm ALG_AES_CBC_ISO9797_M2 provides a cipher using AES with block size 128 in CBC mode, and pads input data according to the ISO 9797 method 2 (ISO 7816-4, EMV'96) scheme.
static byte	ALG_AES_CBC_PKCS5 Cipher algorithm ALG_AES_CBC_PKCS5 provides a cipher using AES with block size 128 in CBC mode, and pads input data according to the PKCS#5 scheme.
static byte	ALG_AES_ECB_ISO9797_M1 Cipher algorithm ALG_AES_ECB_ISO9797_M1 provides a cipher using AES with block size 128 in ECB mode, and pads input data according to the ISO 9797 method 1 scheme.
static byte	ALG_AES_ECB_ISO9797_M2 Cipher algorithm ALG_AES_ECB_ISO9797_M2 provides a cipher using AES with block size 128 in ECB mode, and pads input data according to the ISO 9797 method 2 (ISO 7816-4, EMV'96) scheme.
static byte	ALG_AES_ECB_PKCS5 Cipher algorithm ALG_AES_ECB_PKCS5 provides a cipher using AES with block size 128 in ECB mode, and pads input data according to the PKCS#5 scheme.
static byte	ALG_DES_CBC_ISO9797_M1 Cipher algorithm ALG_DES_CBC_ISO9797_M1 provides a cipher using DES in CBC mode or triple DES in outer CBC mode, and pads input data according to the ISO 9797 method 1 scheme.
static byte	ALG_DES_CBC_ISO9797_M2 Cipher algorithm ALG_DES_CBC_ISO9797_M2 provides a cipher using DES in CBC mode or triple DES in outer CBC mode, and pads input data according to the ISO 9797 method 2 (ISO 7816-4, EMV'96) scheme.
static byte	ALG_DES_CBC_NOPAD Cipher algorithm ALG_DES_CBC_NOPAD provides a cipher using DES in CBC mode or triple DES in outer CBC mode, and does not pad input data.
static byte	ALG_DES_CBC_PKCS5 Cipher algorithm ALG_DES_CBC_PKCS5 provides a cipher using DES in CBC mode or triple DES in outer CBC mode, and pads input data according to the PKCS#5 scheme.
static byte	ALG_DES_ECB_ISO9797_M1 Cipher algorithm ALG_DES_ECB_ISO9797_M1 provides a cipher using DES in ECB mode, and pads input data according to the ISO 9797 method 1 scheme.
static byte	ALG_DES_ECB_ISO9797_M2 Cipher algorithm ALG_DES_ECB_ISO9797_M2 provides a cipher using DES in ECB mode, and pads input data according to the ISO 9797 method 2 (ISO 7816-4, EMV'96) scheme.
static byte	ALG_DES_ECB_NOPAD Cipher algorithm ALG_DES_ECB_NOPAD provides a cipher using DES in ECB mode, and does not pad input data.
static byte	ALG_DES_ECB_PKCS5 Cipher algorithm ALG_DES_ECB_PKCS5 provides a cipher using DES in ECB mode, and pads input data according to the PKCS#5 scheme.
static byte	ALG_KOREAN_SEED_CBC_NOPAD Cipher algorithm ALG_KOREAN_SEED_CBC_NOPAD provides a cipher using the Korean SEED algorithm specified in the Korean SEED Algorithm specification provided by KISA, Korea Information Security Agency in ECB mode and does not pad input data.
static byte	ALG_KOREAN_SEED_ECB_NOPAD Cipher algorithm ALG_KOREAN_SEED_ECB_NOPAD provides a cipher using the Korean SEED algorithm specified in the Korean SEED Algorithm specification provided by KISA, Korea Information Security Agency in ECB mode and does not pad input data.
static byte	ALG_RSA_ISO14888 Deprecated.
static byte	ALG_RSA_ISO9796 Deprecated.
static byte	ALG_RSA_NOPAD Cipher algorithm ALG_RSA_NOPAD provides a cipher using RSA and does not pad input data.
static byte	ALG_RSA_PKCS1 Cipher algorithm ALG_RSA_PKCS1 provides a cipher using RSA, and pads input data according to the PKCS#1 (v1.5) scheme.
static byte	ALG_RSA_PKCS1_OAEP Cipher algorithm ALG_RSA_PKCS1_OAEP provides a cipher using RSA, and pads input data according to the PKCS#1-OAEP scheme (IEEE 1363-2000).
static byte	CIPHER_AES_CBC Cipher algorithm CIPHER_AES_CBC choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method.
static byte	CIPHER_AES_ECB Cipher algorithm CIPHER_AES_ECB choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method.
static byte	CIPHER_DES_CBC Cipher algorithm CIPHER_DES_CBC choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method.
static byte	CIPHER_DES_ECB Cipher algorithm CIPHER_DES_ECB choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method.
static byte	CIPHER_KOREAN_SEED_CBC Cipher algorithm CIPHER_KOREAN_SEED_CBC choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method.
static byte	CIPHER_KOREAN_SEED_ECB Cipher algorithm CIPHER_KOREAN_SEED_ECB choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method.
static byte	CIPHER_RSA Cipher algorithm CIPHER_RSA choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method.
static byte	MODE_DECRYPT Used in init() methods to indicate decryption mode.
static byte	MODE_ENCRYPT Used in init() methods to indicate encryption mode.
static byte	PAD_ISO9796 Padding algorithm PAD_ISO9796 choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method.
static byte	PAD_ISO9796_MR Padding algorithm PAD_ISO9796_MR choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method.
static byte	PAD_ISO9797_1_M1_ALG3 Padding algorithm PAD_ISO9797_1_M1_ALG3 choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method.
static byte	PAD_ISO9797_1_M2_ALG3 Padding algorithm PAD_ISO9797_1_M2_ALG3 choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method.
static byte	PAD_ISO9797_M1 Padding algorithm PAD_ISO9797_M1 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method.
static byte	PAD_ISO9797_M2 Padding algorithm PAD_ISO9797_M2 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method.
static byte	PAD_NOPAD Padding algorithm PAD_NOPAD choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method.
static byte	PAD_NULL This constant indicates that there is no discrete padding algorithm.
static byte	PAD_PKCS1 Padding algorithm PAD_PKCS1 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method.
static byte	PAD_PKCS1_OAEP Padding algorithm PAD_PKCS1_OAEP choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method.
static byte	PAD_PKCS1_PSS Padding algorithm PAD_PKCS1 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method.
static byte	PAD_PKCS5 Padding algorithm PAD_PKCS5 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method.
static byte	PAD_RFC2409 Padding algorithm PAD_RFC2409 choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method.

Constructor Summary

protected

Cipher() Protected constructor.

Method Summary

abstract short	doFinal(byte[] inBuff, short inOffset, short inLength, byte[] outBuff, short outOffset) Generates encrypted/decrypted output from all/last input data.
abstract byte	getAlgorithm() Gets the Cipher algorithm.
static Cipher	getInstance(byte algorithm, boolean externalAccess) Creates a Cipher object instance of the selected algorithm.
static Cipher	getInstance(byte cipherAlgorithm, byte paddingAlgorithm, boolean externalAccess) Creates a Cipher object instance with the selected of the selected raw cipher algorithm and padding algorithm.
abstract void	init(Key theKey, byte theMode) Initializes the Cipher object with the appropriate Key.
abstract void	init(Key theKey, byte theMode, byte[] bArray, short bOff, short bLen) Initializes the Cipher object with the appropriate Key and algorithm specific parameters.
abstract short	update(byte[] inBuff, short inOffset, short inLength, byte[] outBuff, short outOffset) Generates encrypted/decrypted output from input data.

Methods inherited from class java.lang.Object

equals

Field Detail

ALG_DES_CBC_NOPAD

public static final byte ALG_DES_CBC_NOPAD

Cipher algorithm ALG_DES_CBC_NOPAD provides a cipher using DES in CBC mode or triple DES in outer CBC mode, and does not pad input data. If the input data is not (8-byte) block aligned it throws CryptoException with the reason code ILLEGAL_USE.

To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_DES_CBC, PAD_NOPAD constants respectively.

See Also:

Constant Field Values

ALG_DES_CBC_ISO9797_M1

public static final byte ALG_DES_CBC_ISO9797_M1

Cipher algorithm ALG_DES_CBC_ISO9797_M1 provides a cipher using DES in CBC mode or triple DES in outer CBC mode, and pads input data according to the ISO 9797 method 1 scheme.

To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_DES_CBC, PAD_ISO9797_M1 constants respectively.

See Also:

Constant Field Values

ALG_DES_CBC_ISO9797_M2

public static final byte ALG_DES_CBC_ISO9797_M2

Cipher algorithm ALG_DES_CBC_ISO9797_M2 provides a cipher using DES in CBC mode or triple DES in outer CBC mode, and pads input data according to the ISO 9797 method 2 (ISO 7816-4, EMV'96) scheme.

To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_DES_CBC, PAD_ISO9797_M2 constants respectively.

See Also:

Constant Field Values

ALG_DES_CBC_PKCS5

public static final byte ALG_DES_CBC_PKCS5

Cipher algorithm ALG_DES_CBC_PKCS5 provides a cipher using DES in CBC mode or triple DES in outer CBC mode, and pads input data according to the PKCS#5 scheme.

To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_DES_CBC, PAD_PKCS5 constants respectively.

See Also:

Constant Field Values

ALG_DES_ECB_NOPAD

public static final byte ALG_DES_ECB_NOPAD

Cipher algorithm ALG_DES_ECB_NOPAD provides a cipher using DES in ECB mode, and does not pad input data. If the input data is not (8-byte) block aligned it throws CryptoException with the reason code ILLEGAL_USE.

To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_DES_ECB, PAD_NOPAD constants respectively.

See Also:

Constant Field Values

ALG_DES_ECB_ISO9797_M1

public static final byte ALG_DES_ECB_ISO9797_M1

Cipher algorithm ALG_DES_ECB_ISO9797_M1 provides a cipher using DES in ECB mode, and pads input data according to the ISO 9797 method 1 scheme.

To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_DES_ECB, PAD_ISO9797_M1 constants respectively.

See Also:

Constant Field Values

ALG_DES_ECB_ISO9797_M2

public static final byte ALG_DES_ECB_ISO9797_M2

Cipher algorithm ALG_DES_ECB_ISO9797_M2 provides a cipher using DES in ECB mode, and pads input data according to the ISO 9797 method 2 (ISO 7816-4, EMV'96) scheme.

To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_DES_ECB, PAD_ISO9797_M2 constants respectively.

See Also:

Constant Field Values

ALG_DES_ECB_PKCS5

public static final byte ALG_DES_ECB_PKCS5

Cipher algorithm ALG_DES_ECB_PKCS5 provides a cipher using DES in ECB mode, and pads input data according to the PKCS#5 scheme.

To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_DES_ECB, PAD_PKCS5 constants respectively.

See Also:

Constant Field Values

ALG_RSA_ISO14888

public static final byte ALG_RSA_ISO14888

Deprecated.

This Cipher algorithm ALG_RSA_ISO14888 should not be used. The ISO 14888 algorithms are intended for signatures.

See Also:

Constant Field Values

ALG_RSA_PKCS1

public static final byte ALG_RSA_PKCS1

Cipher algorithm ALG_RSA_PKCS1 provides a cipher using RSA, and pads input data according to the PKCS#1 (v1.5) scheme.

To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_RSA, PAD_PKCS1 constants respectively.

Note:

• This algorithm is only suitable for messages of limited length. The total number of input bytes processed during encryption may not be more than k-11, where k is the RSA key's modulus size in bytes.
• The encryption block(EB) during encryption with a Public key is built as follows:
  EB = 00 || 02 || PS || 00 || M
  :: M (input bytes) is the plaintext message
  :: PS is an octet string of length k-3-||M|| of pseudo random nonzero octets. The length of PS must be at least 8 octets.
  :: k is the RSA modulus size.
  
• The encryption block(EB) during encryption with a Private key (used to compute signatures when the message digest is computed off-card) is built as follows:
  EB = 00 || 01 || PS || 00 || D
  :: D (input bytes) is the DER encoding of the hash computed elsewhere with an algorithm ID prepended if appropriate
  :: PS is an octet string of length k-3-||D|| with value FF. The length of PS must be at least 8 octets.
  :: k is the RSA modulus size.
  

See Also:

Constant Field Values

ALG_RSA_ISO9796

public static final byte ALG_RSA_ISO9796

Deprecated.

This Cipher algorithm ALG_RSA_ISO9796 should not be used. The ISO 9796-1 algorithm was withdrawn by ISO in July 2000.

See Also:

Constant Field Values

ALG_RSA_NOPAD

public static final byte ALG_RSA_NOPAD

Cipher algorithm ALG_RSA_NOPAD provides a cipher using RSA and does not pad input data. If the input data is bounded by incorrect padding bytes while using RSAPrivateCrtKey, incorrect output may result. If the input data is not block aligned or greater than or equal to the modulus, it throws CryptoException with the reason code ILLEGAL_USE.

To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_RSA, PAD_NOPAD constants respectively.

See Also:

Constant Field Values

ALG_AES_BLOCK_128_CBC_NOPAD

public static final byte ALG_AES_BLOCK_128_CBC_NOPAD

Cipher algorithm ALG_AES_BLOCK_128_CBC_NOPAD provides a cipher using AES with block size 128 in CBC mode and does not pad input data. If the input data is not block aligned it throws CryptoException with the reason code ILLEGAL_USE.

To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_AES_CBC, PAD_NOPAD constants respectively.

See Also:

Constant Field Values

ALG_AES_BLOCK_128_ECB_NOPAD

public static final byte ALG_AES_BLOCK_128_ECB_NOPAD

Cipher algorithm ALG_AES_BLOCK_128_ECB_NOPAD provides a cipher using AES with block size 128 in ECB mode and does not pad input data. If the input data is not block aligned it throws CryptoException with the reason code ILLEGAL_USE.

To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_AES_ECB, PAD_NOPAD constants respectively.

See Also:

Constant Field Values

ALG_RSA_PKCS1_OAEP

public static final byte ALG_RSA_PKCS1_OAEP

Cipher algorithm ALG_RSA_PKCS1_OAEP provides a cipher using RSA, and pads input data according to the PKCS#1-OAEP scheme (IEEE 1363-2000).

To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_RSA, PAD_PKCS1_OAEP constants respectively.

See Also:

Constant Field Values

ALG_KOREAN_SEED_ECB_NOPAD

public static final byte ALG_KOREAN_SEED_ECB_NOPAD

Cipher algorithm ALG_KOREAN_SEED_ECB_NOPAD provides a cipher using the Korean SEED algorithm specified in the Korean SEED Algorithm specification provided by KISA, Korea Information Security Agency in ECB mode and does not pad input data. If the input data is not block aligned it throws CryptoException with the reason code ILLEGAL_USE.

To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_KOREAN_SEED, PAD_NOPAD constants respectively.

See Also:

Constant Field Values

ALG_KOREAN_SEED_CBC_NOPAD

public static final byte ALG_KOREAN_SEED_CBC_NOPAD

Cipher algorithm ALG_KOREAN_SEED_CBC_NOPAD provides a cipher using the Korean SEED algorithm specified in the Korean SEED Algorithm specification provided by KISA, Korea Information Security Agency in ECB mode and does not pad input data. If the input data is not block aligned it throws CryptoException with the reason code ILLEGAL_USE.

To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_KOREAN_SEED, PAD_NOPAD constants respectively.

See Also:

Constant Field Values

ALG_AES_BLOCK_192_CBC_NOPAD

public static final byte ALG_AES_BLOCK_192_CBC_NOPAD

Deprecated.

This Cipher algorithm ALG_AES_BLOCK_192_CBC_NOPAD should not be used. AES algorithms as defined by NIST in the FIPS PUB 197 standard only support a block size of 128 bits.

See Also:

Constant Field Values

ALG_AES_BLOCK_192_ECB_NOPAD

public static final byte ALG_AES_BLOCK_192_ECB_NOPAD

Deprecated.

This Cipher algorithm ALG_AES_BLOCK_192_ECB_NOPAD should not be used. AES algorithms as defined by NIST in the FIPS PUB 197 standard only support a block size of 128 bits.

See Also:

Constant Field Values

ALG_AES_BLOCK_256_CBC_NOPAD

public static final byte ALG_AES_BLOCK_256_CBC_NOPAD

Deprecated.

This Cipher algorithm ALG_AES_BLOCK_256_CBC_NOPAD should not be used. AES algorithms as defined by NIST in the FIPS PUB 197 standard only support a block size of 128 bits.

See Also:

Constant Field Values

ALG_AES_BLOCK_256_ECB_NOPAD

public static final byte ALG_AES_BLOCK_256_ECB_NOPAD

Deprecated.

This Cipher algorithm ALG_AES_BLOCK_256_ECB_NOPAD should not be used. AES algorithms as defined by NIST in the FIPS PUB 197 standard only support a block size of 128 bits.

See Also:

Constant Field Values

ALG_AES_CBC_ISO9797_M1

public static final byte ALG_AES_CBC_ISO9797_M1

Cipher algorithm ALG_AES_CBC_ISO9797_M1 provides a cipher using AES with block size 128 in CBC mode, and pads input data according to the ISO 9797 method 1 scheme.

To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_AES_CBC, PAD_ISO9797_M1 constants respectively.

See Also:

Constant Field Values

ALG_AES_CBC_ISO9797_M2

public static final byte ALG_AES_CBC_ISO9797_M2

Cipher algorithm ALG_AES_CBC_ISO9797_M2 provides a cipher using AES with block size 128 in CBC mode, and pads input data according to the ISO 9797 method 2 (ISO 7816-4, EMV'96) scheme.

To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_AES_CBC, PAD_ISO9797_M2 constants respectively.

See Also:

Constant Field Values

ALG_AES_CBC_PKCS5

public static final byte ALG_AES_CBC_PKCS5

Cipher algorithm ALG_AES_CBC_PKCS5 provides a cipher using AES with block size 128 in CBC mode, and pads input data according to the PKCS#5 scheme.

To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_AES_CBC, PAD_PKCS5 constants respectively.

See Also:

Constant Field Values

ALG_AES_ECB_ISO9797_M1

public static final byte ALG_AES_ECB_ISO9797_M1

Cipher algorithm ALG_AES_ECB_ISO9797_M1 provides a cipher using AES with block size 128 in ECB mode, and pads input data according to the ISO 9797 method 1 scheme.

To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_AES_ECB, PAD_ISO9797_M1 constants respectively.

See Also:

Constant Field Values

ALG_AES_ECB_ISO9797_M2

public static final byte ALG_AES_ECB_ISO9797_M2

Cipher algorithm ALG_AES_ECB_ISO9797_M2 provides a cipher using AES with block size 128 in ECB mode, and pads input data according to the ISO 9797 method 2 (ISO 7816-4, EMV'96) scheme.

To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_AES_ECB, PAD_ISO9797_M2 constants respectively.

See Also:

Constant Field Values

ALG_AES_ECB_PKCS5

public static final byte ALG_AES_ECB_PKCS5

Cipher algorithm ALG_AES_ECB_PKCS5 provides a cipher using AES with block size 128 in ECB mode, and pads input data according to the PKCS#5 scheme.

To request this algorithm using the getInstance(byte, byte, boolean) method use the CIPHER_AES_ECB, PAD_PKCS5 constants respectively.

See Also:

Constant Field Values

CIPHER_AES_CBC

public static final byte CIPHER_AES_CBC

Cipher algorithm CIPHER_AES_CBC choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method. The cipher algorithm provides a cipher using AES with block size 128 in CBC mode.

See Also:

Constant Field Values

CIPHER_AES_ECB

public static final byte CIPHER_AES_ECB

Cipher algorithm CIPHER_AES_ECB choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method. The cipher algorithm provides a cipher using AES with block size 128 in ECB mode.

See Also:

Constant Field Values

CIPHER_DES_CBC

public static final byte CIPHER_DES_CBC

Cipher algorithm CIPHER_DES_CBC choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method. The cipher algorithm provides a cipher using DES in CBC mode.

See Also:

Constant Field Values

CIPHER_DES_ECB

public static final byte CIPHER_DES_ECB

Cipher algorithm CIPHER_DES_ECB choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method. The cipher algorithm provides a cipher using DES in ECB mode.

See Also:

Constant Field Values

CIPHER_KOREAN_SEED_CBC

public static final byte CIPHER_KOREAN_SEED_CBC

Cipher algorithm CIPHER_KOREAN_SEED_CBC choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method. The cipher algorithm provides a cipher using KOREAN_SEED in CBC mode.

See Also:

Constant Field Values

CIPHER_KOREAN_SEED_ECB

public static final byte CIPHER_KOREAN_SEED_ECB

Cipher algorithm CIPHER_KOREAN_SEED_ECB choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method. The cipher algorithm provides a cipher using KOREAN_SEED in ECB mode.

See Also:

Constant Field Values

CIPHER_RSA

public static final byte CIPHER_RSA

Cipher algorithm CIPHER_RSA choice for the cipherAlgorithm parameter of the getInstance(byte, byte, boolean) method. The cipher algorithm provides a cipher using RSA.

See Also:

Constant Field Values

PAD_NULL

public static final byte PAD_NULL

This constant indicates that there is no discrete padding algorithm. It is intended for use in the Signature.getInstance(byte, byte, byte, boolean) method and getInstance(byte, byte, boolean) method.

See Also:

Constant Field Values

PAD_NOPAD

public static final byte PAD_NOPAD

Padding algorithm PAD_NOPAD choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requires that the data length is a multiple of the cipher algorithm block size. Otherwise, a CryptoException is thrown.

See Also:

Constant Field Values

PAD_ISO9797_M1

public static final byte PAD_ISO9797_M1

Padding algorithm PAD_ISO9797_M1 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the ISO 9797 method 1 scheme.

See Also:

Constant Field Values

PAD_ISO9797_M2

public static final byte PAD_ISO9797_M2

Padding algorithm PAD_ISO9797_M2 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the ISO 9797 method 2 scheme.

See Also:

Constant Field Values

PAD_ISO9797_1_M1_ALG3

public static final byte PAD_ISO9797_1_M1_ALG3

Padding algorithm PAD_ISO9797_1_M1_ALG3 choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the ISO9797-1 MAC algorithm 3 with method 1.

See Also:

Constant Field Values

PAD_ISO9797_1_M2_ALG3

public static final byte PAD_ISO9797_1_M2_ALG3

Padding algorithm PAD_ISO9797_1_M2_ALG3 choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the ISO9797-1 MAC algorithm 3 with method 2 (also EMV'96, EMV'2000).

See Also:

Constant Field Values

PAD_PKCS5

public static final byte PAD_PKCS5

Padding algorithm PAD_PKCS5 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the PKCS #5 scheme.

See Also:

Constant Field Values

PAD_PKCS1

public static final byte PAD_PKCS1

Padding algorithm PAD_PKCS1 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the PKCS v1.5 scheme.

See Also:

Constant Field Values

PAD_PKCS1_PSS

public static final byte PAD_PKCS1_PSS

Padding algorithm PAD_PKCS1 choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the PKCS#1-PSS scheme (IEEE 1363-2000) scheme.

See Also:

Constant Field Values

PAD_PKCS1_OAEP

public static final byte PAD_PKCS1_OAEP

Padding algorithm PAD_PKCS1_OAEP choice for the paddingAlgorithm parameter of the getInstance(byte, byte, boolean) method and the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the PKCS#1-OAEP scheme (IEEE 1363-2000)scheme.

See Also:

Constant Field Values

PAD_ISO9796

public static final byte PAD_ISO9796

Padding algorithm PAD_ISO9796 choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the ISO 9796-2 scheme as specified in EMV '96 and EMV 2000

See Also:

Constant Field Values

PAD_ISO9796_MR

public static final byte PAD_ISO9796_MR

Padding algorithm PAD_ISO9796_MR choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the ISO9796-2 specification with message recovery(also EMV'96, EMV'2000).

See Also:

Constant Field Values

PAD_RFC2409

public static final byte PAD_RFC2409

Padding algorithm PAD_RFC2409 choice for the paddingAlgorithm parameter of the Signature.getInstance(byte, byte, byte, boolean) method. This padding algorithm choice requests padding based on the RFC 2409 scheme.

See Also:

Constant Field Values

MODE_DECRYPT

public static final byte MODE_DECRYPT

Used in init() methods to indicate decryption mode.

See Also:

Constant Field Values

MODE_ENCRYPT

public static final byte MODE_ENCRYPT

Used in init() methods to indicate encryption mode.

See Also:

Constant Field Values

Constructor Detail

Cipher

protected Cipher()

Protected constructor.

Method Detail

getInstance

public static final Cipher getInstance(byte algorithm,
                                       boolean externalAccess)
                                throws CryptoException

Creates a Cipher object instance of the selected algorithm.

Parameters:

algorithm - the desired Cipher algorithm. Valid codes listed in ALG_* constants above, for example, ALG_DES_CBC_NOPAD.

externalAccess - true indicates that the instance will be shared among multiple applet instances and that the Cipher instance will also be accessed (via a Shareable interface) when the owner of the Cipher instance is not the currently selected applet. If true the implementation must not allocate CLEAR_ON_DESELECT transient space for internal data.

Returns:

the Cipher object instance of the requested algorithm

Throws:

CryptoException - with the following reason codes:

• CryptoException.NO_SUCH_ALGORITHM if the requested algorithm is not supported or shared access mode is not supported.

See Also:

getInstance(byte, byte, boolean)

getInstance

public static final Cipher getInstance(byte cipherAlgorithm,
                                       byte paddingAlgorithm,
                                       boolean externalAccess)
                                throws CryptoException

Creates a Cipher object instance with the selected of the selected raw cipher algorithm and padding algorithm.

Note:

• When the padding algorithm is built into the cipher algorithm use the PAD_NULL choice for the padding algorithm.

Parameters:

cipherAlgorithm - the desired cipher algorithm. Valid codes listed in CIPHER_* constants in this class.g. CIPHER_AES_CBC.

paddingAlgorithm - the desired padding algorithm. Valid codes listed in PAD_* constants im the Cipher class e.g. PAD_NULL.

externalAccess - true indicates that the instance will be shared among multiple applet instances and that the Cipher instance will also be accessed (via a Shareable interface) when the owner of the Cipher instance is not the currently selected applet. If true the implementation must not allocate CLEAR_ON_DESELECT transient space for internal data.

Returns:

the Cipher object instance of the requested algorithm

Throws:

CryptoException - with the following reason codes:

• CryptoException.NO_SUCH_ALGORITHM if cipher algorithm or padding algorithm or their combination or the requested shared access mode is not supported.

Since:

3.0.4

See Also:

getInstance(byte, boolean)

init

public abstract void init(Key theKey,
                          byte theMode)
                   throws CryptoException

Initializes the Cipher object with the appropriate Key. This method should be used for algorithms which do not need initialization parameters or use default parameter values.

init() must be used to update the Cipher object with a new key. If the Key object is modified after invoking the init() method, the behavior of the update() and doFinal() methods is unspecified.

Note:

• AES, DES, triple DES and Korean SEED algorithms in CBC mode will use 0 for initial vector(IV) if this method is used.
• For optimal performance, when the theKey parameter is a transient key, the implementation should, whenever possible, use transient space for internal storage.

Parameters:

theKey - the key object to use for encrypting or decrypting

theMode - one of MODE_DECRYPT or MODE_ENCRYPT

Throws:

CryptoException - with the following reason codes:

• CryptoException.ILLEGAL_VALUE if theMode option is an undefined value or if the Key is inconsistent with the Cipher implementation.
• CryptoException.UNINITIALIZED_KEY if theKey instance is uninitialized.

init

public abstract void init(Key theKey,
                          byte theMode,
                          byte[] bArray,
                          short bOff,
                          short bLen)
                   throws CryptoException

Initializes the Cipher object with the appropriate Key and algorithm specific parameters.

init() must be used to update the Cipher object with a new key. If the Key object is modified after invoking the init() method, the behavior of the update() and doFinal() methods is unspecified.

Note:

• DES and triple DES algorithms in CBC mode expect an 8-byte parameter value for the initial vector(IV) in bArray.
• AES algorithms in CBC mode expect a 16-byte parameter value for the initial vector(IV) in bArray.
• Korean SEED algorithms in CBC mode expect a 16-byte parameter value for the initial vector(IV) in bArray.
• AES algorithms in ECB mode, DES algorithms in ECB mode, Korean SEED algorithm in ECB mode, RSA and DSA algorithms throw CryptoException.ILLEGAL_VALUE.
• For optimal performance, when the theKey parameter is a transient key, the implementation should, whenever possible, use transient space for internal storage.

Parameters:

theKey - the key object to use for encrypting or decrypting.

theMode - one of MODE_DECRYPT or MODE_ENCRYPT

bArray - byte array containing algorithm specific initialization info

bOff - offset within bArray where the algorithm specific data begins

bLen - byte length of algorithm specific parameter data

Throws:

CryptoException - with the following reason codes:

• CryptoException.ILLEGAL_VALUE if theMode option is an undefined value or if a byte array parameter option is not supported by the algorithm or if the bLen is an incorrect byte length for the algorithm specific data or if the Key is inconsistent with the Cipher implementation.
• CryptoException.UNINITIALIZED_KEY if theKey instance is uninitialized.

getAlgorithm

public abstract byte getAlgorithm()

Gets the Cipher algorithm.

Returns:

the algorithm code defined above; if the algorithm is not one of the pre-defined algorithms, 0 is returned.

doFinal

public abstract short doFinal(byte[] inBuff,
                              short inOffset,
                              short inLength,
                              byte[] outBuff,
                              short outOffset)
                       throws CryptoException

Generates encrypted/decrypted output from all/last input data. This method must be invoked to complete a cipher operation. This method processes any remaining input data buffered by one or more calls to the update() method as well as input data supplied in the inBuff parameter.

A call to this method also resets this Cipher object to the state it was in when previously initialized via a call to init(). That is, the object is reset and available to encrypt or decrypt (depending on the operation mode that was specified in the call to init()) more data. In addition, note that the initial vector(IV) used in AES, DES and Korean SEED algorithms will be reset to 0.

Notes:

• When using block-aligned data (multiple of block size), if the input buffer, inBuff and the output buffer, outBuff are the same array, then the output data area must not partially overlap the input data area such that the input data is modified before it is used; if inBuff==outBuff and
  inOffset < outOffset < inOffset+inLength, incorrect output may result.
• When non-block aligned data is presented as input data, no amount of input and output buffer data overlap is allowed; if inBuff==outBuff and
  outOffset < inOffset+inLength, incorrect output may result.
• AES, DES, triple DES and Korean SEED algorithms in CBC mode reset the initial vector(IV) to 0. The initial vector(IV) can be re-initialized using the init(Key, byte, byte[], short, short) method.
• On decryption operations (except when ISO 9797 method 1 padding is used), the padding bytes are not written to outBuff.
• On encryption and decryption operations, the number of bytes output into outBuff may be larger or smaller than inLength or even 0.
• On decryption operations resulting in an ArrayIndexOutOfBoundsException, outBuff may be partially modified.

Parameters:

inBuff - the input buffer of data to be encrypted/decrypted

inOffset - the offset into the input buffer at which to begin encryption/decryption

inLength - the byte length to be encrypted/decrypted

outBuff - the output buffer, may be the same as the input buffer

outOffset - the offset into the output buffer where the resulting output data begins

Returns:

number of bytes output in outBuff

Throws:

CryptoException - with the following reason codes:

• CryptoException.UNINITIALIZED_KEY if key not initialized.
• CryptoException.INVALID_INIT if this Cipher object is not initialized.
• CryptoException.ILLEGAL_USE if one of the following conditions is met:
  • This Cipher algorithm does not pad the message and the message is not block aligned.
  • This Cipher algorithm does not pad the message and no input data has been provided in inBuff or via the update() method.
  • The input message length is not supported or the message value is greater than or equal to the modulus.
  • The decrypted data is not bounded by appropriate padding bytes.

update

public abstract short update(byte[] inBuff,
                             short inOffset,
                             short inLength,
                             byte[] outBuff,
                             short outOffset)
                      throws CryptoException

Generates encrypted/decrypted output from input data. This method is intended for multiple-part encryption/decryption operations.

This method requires temporary storage of intermediate results. In addition, if the input data length is not block aligned (multiple of block size) then additional internal storage may be allocated at this time to store a partial input data block. This may result in additional resource consumption and/or slow performance.

This method should only be used if all the input data required for the cipher is not available in one byte array. If all the input data required for the cipher is located in a single byte array, use of the doFinal() method to process all of the input data is recommended. The doFinal() method must be invoked to complete processing of any remaining input data buffered by one or more calls to the update() method.

Notes:

• When using block-aligned data (multiple of block size), if the input buffer, inBuff and the output buffer, outBuff are the same array, then the output data area must not partially overlap the input data area such that the input data is modified before it is used; if inBuff==outBuff and
  inOffset < outOffset < inOffset+inLength, incorrect output may result.
• When non-block aligned data is presented as input data, no amount of input and output buffer data overlap is allowed; if inBuff==outBuff and
  outOffset < inOffset+inLength, incorrect output may result.
• On decryption operations(except when ISO 9797 method 1 padding is used), the padding bytes are not written to outBuff.
• On encryption and decryption operations, block alignment considerations may require that the number of bytes output into outBuff be larger or smaller than inLength or even 0.
• If inLength is 0 this method does nothing.

Parameters:

inBuff - the input buffer of data to be encrypted/decrypted

inOffset - the offset into the input buffer at which to begin encryption/decryption

inLength - the byte length to be encrypted/decrypted

outBuff - the output buffer, may be the same as the input buffer

outOffset - the offset into the output buffer where the resulting ciphertext/plaintext begins

Returns:

number of bytes output in outBuff

Throws:

CryptoException - with the following reason codes:

• CryptoException.UNINITIALIZED_KEY if key not initialized.
• CryptoException.INVALID_INIT if this Cipher object is not initialized.
• CryptoException.ILLEGAL_USE if the input message length is not supported or the message value is greater than or equal to the modulus.