cryptix.provider.padding
Class PKCS7
- Padding, Parameterized
A class for padding cipher data according to the following scheme,
described in section 10.3 of RSA Data Security, Inc.'s PKCS #7
standard:
Some content-encryption algorithms assume the
input length is a multiple of k octets, where k >
1, and let the application define a method for
handling inputs whose lengths are not a multiple
of k octets. For such algorithms, the method shall
be to pad the input at the trailing end with k -
(l mod k) octets all having value k - (l mod k),
where l is the length of the input. In other
words, the input is padded at the trailing end
with one of the following strings:
01 -- if l mod k = k-1
02 02 -- if l mod k = k-2
.
.
.
k k ... k k -- if l mod k = 0
The padding can be removed unambiguously since all
input is padded and no padding string is a suffix
of another. This padding method is well-defined if
and only if k <32256; methods for larger k are an
open issue for further study.
An IllegalBlockSizeException is thrown (by the Cipher class) if
the block size is greater than 255 bytes.
References:
- PKCS#7: Cryptographic Message Syntax Standard. An RSA
Laboratories Technical Note;
Version 1.5; Revised November 1, 1993.
Copyright © 1997
Systemics Ltd on behalf of the
Cryptix Development Team.
All rights reserved.
$Revision: 1.6 $
- Raif S. Naffah
- David Hopwood
- Cryptix 2.2.2
PKCS7() - Creates a PKCS7 object.
|
protected boolean | engineIsValidBlockSize(int size) - SPI: Returns true if size is a valid block size (in
bytes) for this algorithm.
|
protected int | enginePad(byte[] in, int offset, int length) - Pads a given array of bytes.
|
protected int | engineUnpad(byte[] in, int offset, int length) - Given the specified subarray of bytes that includes padding bytes, returns
the index indicating where padding starts.
|
clone , engineGetParameter , engineIsValidBlockSize , enginePad , engineSetBlockSize , engineSetParameter , engineUnpad , getAlgorithm , getAlgorithms , getAlgorithms , getBlockSize , getInstance , getInstance , getParameter , pad , padLength , paddingScheme , setParameter , toString , unpad |
PKCS7
public PKCS7()
Creates a PKCS7 object.
engineIsValidBlockSize
protected boolean engineIsValidBlockSize(int size)
SPI: Returns true if
size is a valid block size (in
bytes) for this algorithm.
For PKCS#7 padding, values of
size between 1 and 255 bytes
inclusive are valid.
- engineIsValidBlockSize in interface PaddingScheme
enginePad
protected int enginePad(byte[] in,
int offset,
int length)
Pads a given array of bytes. The padding is written to the same buffer
that is used for input (in). When this method returns, the padded
block will be stored at in[offset+length..offset+blocksize-1]
.
- enginePad in interface PaddingScheme
in
- the buffer containing the incomplete block.offset
- the offset into the in
buffer of the
first byte in the group of bytes to be padded.length
- the number of bytes from the in
buffer,
starting at offset
, that need to be padded.
engineUnpad
protected int engineUnpad(byte[] in,
int offset,
int length)
Given the specified subarray of bytes that includes padding bytes, returns
the index indicating where padding starts.
For PKCS#7, the padding bytes all have value
blockSize - (length % blockSize)
. Hence to find the number
of added bytes, it's enough to consider the last byte value of the
padded message.
- engineUnpad in interface PaddingScheme
in
- the buffer containing the bytes.offset
- the offset into the in buffer of the
first byte in the block.length
- the length of the block in bytes.
- the index into the in buffer indicating
where the padding starts.