Class RSAPadding

java.lang.Object
es.gob.jmulticard.jse.provider.rsacipher.RSAPadding

final class RSAPadding extends Object
Utilidad para la aplicación y la retirada de rellenos RSA. The various PKCS#1 versions can be found in the EMC/RSA Labs web site, which is currently: http://www.emc.com/emc-plus/rsa-labs/index.htm or in the IETF RFCs derived from the above PKCS#1 standards. RFC 2313: v1.5 RFC 2437: v2.0 RFC 3447: v2.1 The format of PKCS#1 v1.5 padding is: 0x00 | BT | PS...PS | 0x00 | data...data where BT is the blocktype (1 or 2). The length of the entire string must be the same as the size of the modulus (i.e. 128 byte for a 1024 bit key). Per spec, the padding string must be at least 8 bytes long. That leaves up to (length of key in bytes) - 11 bytes for the data. OAEP padding was introduced in PKCS#1 v2.0 and is a bit more complicated and has a number of options. We support: . arbitrary hash functions ('Hash' in the specification), MessageDigest implementation must be available . MGF1 as the mask generation function . the empty string as the default value for label L and whatever specified in javax.crypto.spec.OAEPParameterSpec The algorithms (representations) are forwards-compatible: that is, the algorithm described in previous releases are in later releases. However, additional comments/checks/clarifications were added to the later versions based on real-world experience (e.g. stricter v1.5 format checking.) Note: RSA keys should be at least 512 bits long
Since:
1.5
  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    private static final Map<String,byte[]>
     
    private byte[]
     
    private final int
    Tamaño máximo de los datos.
     
     
    (package private) static final int
    Relleno PKCS#1 v1.5, blocktype 1 (firma).
    (package private) static final int
    Relleno PKCS#1 v1.5, blocktype 2 (cifrado).
    (package private) static final int
    Sin relleno.
    (package private) static final int
    Relleno PKCS#1 v2.1 OAEP.
    private final int
     
    private SecureRandom
     
    private final int
     
  • Constructor Summary

    Constructors
    Modifier
    Constructor
    Description
    private
    RSAPadding(int paddingType, int sizeAfterPadding, SecureRandom randomSrc, OAEPParameterSpec spec)
    Constructor interno.
  • Method Summary

    Modifier and Type
    Method
    Description
    (package private) static RSAPadding
    createInstance(int type, int paddedSize, SecureRandom random)
    Get a RSAPadding instance of the specified type.
    (package private) static RSAPadding
    createInstance(int type, int paddedSize, SecureRandom random, OAEPParameterSpec spec)
    Get a RSAPadding instance of the specified type, which must be OAEP.
    private static byte[]
    getInitialHash(MessageDigest md, byte[] digestInput)
    Return the value of the digest using the specified message digest md and the digest input digestInput.
    (package private) int
    Return the maximum size of the plaintext data that can be processed using this object.
    private void
    mgf1(byte[] seed, int seedOfs, int seedLen, byte[] out, int outOffset, int maskLength)
    Compute MGF1 using mgfMD as the message digest.
    (package private) byte[]
    pad(byte[] data)
    Pad the data and return the padded block.
    (package private) byte[]
    pad(byte[] data, int ofs, int len)
    Rellena los datos.
    private byte[]
    padOaep(byte[] message)
    PKCS#1 v2.0 OAEP padding (MGF1).
    private byte[]
    padV15(byte[] data)
    PKCS#1 v1.5 padding (blocktype 1 and 2).
    (package private) byte[]
    unpad(byte[] padded)
    Unpad the padded block and return the data.
    private byte[]
    unpadOAEP(byte[] padded)
    PKCS#1 v2.1 OAEP unpadding (MGF1).
    private byte[]
    unpadV15(byte[] padded)
    PKCS#1 v1.5 unpadding (blocktype 1 (signature) and 2 (encryption)).

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait