RSACrypto (IBM Tivoli Directory Integrator API)

Overview

Package

Class

Use

Tree

Serialized

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.ibm.di.security
Class RSACrypto

java.lang.Object
  com.ibm.di.security.RSACrypto

All Implemented Interfaces:: Crypto

public class RSACrypto
extends Object
implements Crypto
extends Object
implements Crypto

RSA encryption/decryption of data of any length. The pieces of data on which RSA can be normally operate are limited in size by the size of the RSA keys. To workaround that limitation this class implements a custom scheme, which uses RSA as a block cipher - the plaintext is divided into equally-sized blocks and each of them is RSA encrypted. This approach allows encryption/decyption over data of any length.

Since:: 7.0

Constructor Summary
`RSACrypto(RSAPublicKey publicKey, RSAPrivateKey privateKey, Provider cryptoProvider)` Initialize the object with the specified parameters.

Method Summary
`byte[]`	`decrypt(byte[] encryptedData)` Decrypt data.
`byte[]`	`encrypt(byte[] data)` Encrypt data.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

RSACrypto

public RSACrypto(RSAPublicKey publicKey,
                 RSAPrivateKey privateKey,
                 Provider cryptoProvider)

Initialize the object with the specified parameters. Accepts an optional Java security provider, which will be used for encryption. If the provider is set to null, the implementation will rely on the provider list configured for the JRE.

Parameters:: publicKey - a RSA public key; privateKey - a RSA private key; cryptoProvider - a Java security provider

Method Detail

encrypt

public byte[] encrypt(byte[] data)
               throws Exception

Encrypt data. The public key is used for encryption (opposite of signing where the private key is used). This way the encrypted data can be decrypted only using the private key. A security feature of the PKCS#1 padding, which is predominantly used with RSA, is that encryption produces a different ciphertext each time, despite the input plaintext stays the same. Of course, all of these ciphertexts will decrypt to the same plaintext.

Specified by:: encrypt in interface Crypto

Parameters:: data - plaintext
Returns:: ciphertext
Throws:: Exception - problem with encryption

decrypt

public byte[] decrypt(byte[] encryptedData)
               throws Exception

Decrypt data. Decryption is done using the private key.

Specified by:: decrypt in interface Crypto

Parameters:: encryptedData - ciphertext
Returns:: plaintext
Throws:: Exception - problem with decryption