com.ibm.di.security
Class SymmetricCipherCrypto

java.lang.Object
  extended by com.ibm.di.security.SymmetricCipherCrypto
All Implemented Interfaces:
Crypto

public class SymmetricCipherCrypto
extends Object
implements Crypto

Secret key encryption/decryption. This class works with secret key JCE transformations such as those accepted by javax.crypto.Cipher.getInstance. It supports block ciphers (e.g. AES) in various feedback modes (ECB, CBC, CFB, ...) as well as stream ciphers (e.g. RC4). Objects of this class are thread-safe.

Since:
7.0

Constructor Summary
SymmetricCipherCrypto(String transformation, SecretKey secretKey, Provider cryptoProvider)
          Initializes the object with the specified parameters.
 
Method Summary
 byte[] decrypt(byte[] encryptedData)
          Decrypt data.
 byte[] encrypt(byte[] data)
          Encrypt data.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SymmetricCipherCrypto

public SymmetricCipherCrypto(String transformation,
                             SecretKey secretKey,
                             Provider cryptoProvider)
                      throws Exception
Initializes the object with the specified parameters. Calculates the size of the initialization vector needed for the transformation. Accepts an optional Java security provider, which will be used for encryption. If the provider is set to null, the implementation will rely on the provider list configured for the JRE.

Parameters:
transformation - the name of a secret key transformation
secretKey - a secret key, suitable for the cipher of the transformation
cryptoProvider - a Java security provider
Throws:
Exception - error raised by the underlying JCE provider
Method Detail

encrypt

public byte[] encrypt(byte[] data)
               throws Exception
Encrypt data. If the feedback mode of the transformation requires an initialization vector (IV), a random one is created for each call, which makes the IV unpredictable. The encrypted data is prefixed with the IV (if required), which is stored unencrypted (the IV does not need to be kept secret).

Specified by:
encrypt in interface Crypto
Parameters:
data - plaintext
Returns:
ciphertext
Throws:
Exception - problem with encryption

decrypt

public byte[] decrypt(byte[] encryptedData)
               throws Exception
Decrypt data. If the transformation requires an initialization vector (IV), the IV used for encryption is assumed to be located at the beginning of the input buffer.

Specified by:
decrypt in interface Crypto
Parameters:
encryptedData - ciphertext
Returns:
plaintext
Throws:
Exception - problem with decryption
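
Example (added here, not code from com.ibm.di.security): the IV-prefixed buffer layout described for encrypt and decrypt, reproduced with the standard javax.crypto API only. The class name IvPrefixLayoutDemo, the AES/CBC/PKCS5Padding transformation and the use of the cipher block size as the IV length are assumptions made for the illustration.

```java
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;

// Added illustration of the documented "IV || ciphertext" layout; not the IBM implementation.
public class IvPrefixLayoutDemo {
    static final String TRANSFORMATION = "AES/CBC/PKCS5Padding"; // assumed transformation
    static final SecureRandom RNG = new SecureRandom();

    // Assumption: the IV length equals the cipher block size (16 bytes for AES/CBC).
    static byte[] encrypt(SecretKey key, byte[] data) throws Exception {
        Cipher cipher = Cipher.getInstance(TRANSFORMATION);
        byte[] iv = new byte[cipher.getBlockSize()];
        RNG.nextBytes(iv); // fresh, unpredictable IV for every message
        cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
        byte[] ct = cipher.doFinal(data);
        byte[] out = new byte[iv.length + ct.length];
        System.arraycopy(iv, 0, out, 0, iv.length);         // IV first, unencrypted
        System.arraycopy(ct, 0, out, iv.length, ct.length); // ciphertext after it
        return out;
    }

    static byte[] decrypt(SecretKey key, byte[] encryptedData) throws Exception {
        Cipher cipher = Cipher.getInstance(TRANSFORMATION);
        int ivLen = cipher.getBlockSize();
        // Reject buffers that cannot even hold the IV prefix.
        if (encryptedData == null || encryptedData.length < ivLen) {
            throw new IllegalArgumentException("input shorter than the IV prefix");
        }
        IvParameterSpec iv = new IvParameterSpec(encryptedData, 0, ivLen);
        cipher.init(Cipher.DECRYPT_MODE, key, iv);
        return cipher.doFinal(encryptedData, ivLen, encryptedData.length - ivLen);
    }

    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey key = kg.generateKey();
        byte[] msg = "constructed sample plaintext".getBytes("UTF-8");
        byte[] a = encrypt(key, msg);
        byte[] b = encrypt(key, msg);
        // Same key and plaintext, but each call draws its own IV.
        System.out.println("outputs differ: " + !Arrays.equals(a, b));
        System.out.println("round trip ok: " + Arrays.equals(msg, decrypt(key, a)));
    }
}
```

In this layout neither the IV nor the ciphertext is authenticated; with an unauthenticated mode such as CBC, integrity has to come from a separate MAC computed over both.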