Class OpenSslCipher
- All Implemented Interfaces:
Closeable
,AutoCloseable
,CryptoCipher
this class is not public/protected so does not appear in the main Javadoc Please ensure that property use is documented in the enum CryptoRandomFactory.RandomProvider
-
Field Summary
Fields -
Constructor Summary
ConstructorsConstructorDescriptionOpenSslCipher
(Properties props, String transformation) Constructs aCryptoCipher
using JNI into OpenSSL -
Method Summary
Modifier and TypeMethodDescriptionvoid
close()
Closes the OpenSSL openSslEngine.int
doFinal
(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset) Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation.int
doFinal
(ByteBuffer inBuffer, ByteBuffer outBuffer) Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation.Returns the algorithm name of thisCryptoCipher
object.int
Returns the block size (in bytes).void
init
(int mode, Key key, AlgorithmParameterSpec params) Initializes the openSslEngine with mode, key and iv.int
update
(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset) Continues a multiple-part encryption/decryption operation.int
update
(ByteBuffer inBuffer, ByteBuffer outBuffer) Continues a multiple-part encryption/decryption operation.void
updateAAD
(byte[] aad) Continues a multi-part update of the Additional Authentication Data (AAD).void
updateAAD
(ByteBuffer aad) Continues a multi-part update of the Additional Authentication Data (AAD).
-
Field Details
-
openSslEngine
-
initialized
private boolean initialized -
transformation
-
-
Constructor Details
-
OpenSslCipher
Constructs aCryptoCipher
using JNI into OpenSSL- Parameters:
props
- properties for OpenSSL openSslEngine (unused)transformation
- transformation for OpenSSL openSslEngine (algorithm/mode/padding)- Throws:
GeneralSecurityException
- if OpenSSL openSslEngine initialize failed
-
-
Method Details
-
close
public void close()Closes the OpenSSL openSslEngine. Clean the OpenSsl native context.- Specified by:
close
in interfaceAutoCloseable
- Specified by:
close
in interfaceCloseable
-
doFinal
public int doFinal(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset) throws ShortBufferException, IllegalBlockSizeException, BadPaddingException Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation.- Specified by:
doFinal
in interfaceCryptoCipher
- Parameters:
input
- the input byte arrayinputOffset
- the offset in input where the input startsinputLen
- the input lengthoutput
- the byte array for the resultoutputOffset
- the offset in output where the result is stored- Returns:
- the number of bytes stored in output
- Throws:
ShortBufferException
- if the given output byte array is too small to hold the resultBadPaddingException
- if this openSslEngine is in decryption mode, and (un)padding has been requested, but the decrypted data is not bounded by the appropriate padding bytesIllegalBlockSizeException
- if this openSslEngine is a block openSslEngine, no padding has been requested (only in encryption mode), and the total input length of the data processed by this openSslEngine is not a multiple of block size; or if this encryption algorithm is unable to process the input data provided.
-
doFinal
public int doFinal(ByteBuffer inBuffer, ByteBuffer outBuffer) throws ShortBufferException, IllegalBlockSizeException, BadPaddingException Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation. The data is encrypted or decrypted, depending on how this openSslEngine was initialized.- Specified by:
doFinal
in interfaceCryptoCipher
- Parameters:
inBuffer
- the input ByteBufferoutBuffer
- the output ByteBuffer- Returns:
- int number of bytes stored in
output
- Throws:
BadPaddingException
- if this openSslEngine is in decryption mode, and (un)padding has been requested, but the decrypted data is not bounded by the appropriate padding bytesIllegalBlockSizeException
- if this openSslEngine is a block openSslEngine, no padding has been requested (only in encryption mode), and the total input length of the data processed by this openSslEngine is not a multiple of block size; or if this encryption algorithm is unable to process the input data provided.ShortBufferException
- if the given output buffer is too small to hold the result
-
getAlgorithm
Returns the algorithm name of thisCryptoCipher
object.This is the same name that was specified in one of the
CryptoCipherFactory#getInstance
calls that created thisCryptoCipher
object..- Specified by:
getAlgorithm
in interfaceCryptoCipher
- Returns:
- the algorithm name of this
CryptoCipher
object.
-
getBlockSize
public int getBlockSize()Returns the block size (in bytes).- Specified by:
getBlockSize
in interfaceCryptoCipher
- Returns:
- the block size (in bytes), or 0 if the underlying algorithm is not a block openSslEngine
-
init
public void init(int mode, Key key, AlgorithmParameterSpec params) throws InvalidKeyException, InvalidAlgorithmParameterException Initializes the openSslEngine with mode, key and iv.- Specified by:
init
in interfaceCryptoCipher
- Parameters:
mode
-Cipher.ENCRYPT_MODE
orCipher.DECRYPT_MODE
key
- crypto key for the openSslEngineparams
- the algorithm parameters- Throws:
InvalidKeyException
- If key length is invalidInvalidAlgorithmParameterException
- if IV length is wrong
-
update
public int update(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset) throws ShortBufferException Continues a multiple-part encryption/decryption operation. The data is encrypted or decrypted, depending on how this openSslEngine was initialized.- Specified by:
update
in interfaceCryptoCipher
- Parameters:
input
- the input byte arrayinputOffset
- the offset in input where the input startsinputLen
- the input lengthoutput
- the byte array for the resultoutputOffset
- the offset in output where the result is stored- Returns:
- the number of bytes stored in output
- Throws:
ShortBufferException
- if there is insufficient space in the output byte array
-
update
Continues a multiple-part encryption/decryption operation. The data is encrypted or decrypted, depending on how this openSslEngine was initialized.- Specified by:
update
in interfaceCryptoCipher
- Parameters:
inBuffer
- the input ByteBufferoutBuffer
- the output ByteBuffer- Returns:
- int number of bytes stored in
output
- Throws:
ShortBufferException
- if there is insufficient space in the output buffer
-
updateAAD
public void updateAAD(byte[] aad) throws IllegalArgumentException, IllegalStateException, UnsupportedOperationException Continues a multi-part update of the Additional Authentication Data (AAD).Calls to this method provide AAD to the opensslEngine when operating in modes such as AEAD (GCM). If this opensslEngine is operating in either GCM mode, all AAD must be supplied before beginning operations on the ciphertext (via the
update
anddoFinal
methods).- Specified by:
updateAAD
in interfaceCryptoCipher
- Parameters:
aad
- the buffer containing the Additional Authentication Data- Throws:
IllegalArgumentException
- if theaad
byte array is nullIllegalStateException
- if this opensslEngine is in a wrong state (e.g., has not been initialized), does not accept AAD, or if operating in either GCM mode and one of theupdate
methods has already been called for the active encryption/decryption operationUnsupportedOperationException
- if the implementationopensslEngine
doesn't support this operation.
-
updateAAD
public void updateAAD(ByteBuffer aad) throws IllegalArgumentException, IllegalStateException, UnsupportedOperationException Continues a multi-part update of the Additional Authentication Data (AAD).Calls to this method provide AAD to the opensslEngine when operating in modes such as AEAD (GCM). If this opensslEngine is operating in either GCM mode, all AAD must be supplied before beginning operations on the ciphertext (via the
update
anddoFinal
methods).- Specified by:
updateAAD
in interfaceCryptoCipher
- Parameters:
aad
- the buffer containing the Additional Authentication Data- Throws:
IllegalArgumentException
- if theaad
byte array is nullIllegalStateException
- if this opensslEngine is in a wrong state (e.g., has not been initialized), does not accept AAD, or if operating in either GCM mode and one of theupdate
methods has already been called for the active encryption/decryption operationUnsupportedOperationException
- if the implementationopensslEngine
doesn't support this operation.
-