For the latest news and information visit
The GNU Crypto project

gnu.crypto.sasl.srp
Class CALG

java.lang.Object
  |
  +--gnu.crypto.sasl.srp.CALG

public final class CALG
extends java.lang.Object

A Factory class that returns CALG (Confidentiality Algorithm) instances that operate as described in the draft-burdis-cat-sasl-srp-08.

The designated CALG block cipher should be used in OFB (Output Feedback Block) mode in the ISO variant, as described in The Handbook of Applied Cryptography, algorithm 7.20.

Let k be the block size of the chosen symmetric key block cipher algorithm; e.g. for AES this is 128 bits or 16 octets. The OFB mode used shall be of length/size k.

It is recommended that block ciphers operating in OFB mode be used with an Initial Vector (the mode's IV). In such a mode of operation - OFB with key re-use - the IV need not be secret. For the mechanism in question the IVs shall be a random octet sequence of k bytes.

The input data to the confidentiality protection algorithm shall be a multiple of the symmetric cipher block size k. When the input length is not a multiple of k octets, the data shall be padded according to the following scheme:

Assuming the length of the input is l octets, (k - (l mod k)) octets, all having the value (k - (l mod k)), shall be appended to the original data. In other words, the input is padded at the trailing end with one of the following sequences:


                  01 -- if l mod k = k-1
               02 02 -- if l mod k = k-2
                     ...
         k k ... k k -- if l mod k = 0

The padding can be removed unambiguously since all input is padded and no padding sequence is a suffix of another. This padding method is well-defined if and only if k < 256 octets, which is the case with symmetric key block ciphers today, and in the foreseeable future.
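
The padding rule above with a strict unpadding check, round-tripped through OFB, as an added example that is not GNU Crypto code or part of the original page. The class name CalgPaddingDemo, the random demo key, and the JCE "AES/OFB/NoPadding" transformation standing in for the CALG cipher are assumptions.

```java
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class CalgPaddingDemo { // hypothetical class name, not part of GNU Crypto
    // Append p = k - (l mod k) octets, each of value p. Requires k < 256.
    static byte[] pad(byte[] in, int k) {
        if (k < 1 || k > 255) throw new IllegalArgumentException("k must be 1..255");
        int p = k - (in.length % k);
        byte[] out = Arrays.copyOf(in, in.length + p);
        Arrays.fill(out, in.length, out.length, (byte) p);
        return out;
    }

    // Strip padding; reject anything pad() could not have produced.
    static byte[] unpad(byte[] in, int k) {
        if (in.length == 0 || in.length % k != 0)
            throw new IllegalArgumentException("length is not a positive multiple of k");
        int p = in[in.length - 1] & 0xFF;
        if (p < 1 || p > k) throw new IllegalArgumentException("bad padding length");
        for (int i = in.length - p; i < in.length; i++)
            if ((in[i] & 0xFF) != p) throw new IllegalArgumentException("bad padding octet");
        return Arrays.copyOf(in, in.length - p);
    }

    static byte[] ofb(int mode, byte[] key, byte[] iv, byte[] data) throws Exception {
        Cipher c = Cipher.getInstance("AES/OFB/NoPadding"); // JCE stand-in (assumption)
        c.init(mode, new SecretKeySpec(key, "AES"), new IvParameterSpec(iv));
        return c.doFinal(data);
    }

    public static void main(String[] args) throws Exception {
        int k = 16; // AES block size in octets
        SecureRandom rnd = new SecureRandom();
        byte[] key = new byte[16];
        rnd.nextBytes(key); // constructed demo key; the real CALG is initialised with a KDF
        for (int l : new int[] {0, 15, 16, 17}) { // constructed input lengths
            byte[] iv = new byte[k];
            rnd.nextBytes(iv); // fresh random IV of k octets per message
            byte[] msg = new byte[l];
            rnd.nextBytes(msg);
            byte[] ct = ofb(Cipher.ENCRYPT_MODE, key, iv, pad(msg, k));
            byte[] back = unpad(ofb(Cipher.DECRYPT_MODE, key, iv, ct), k);
            System.out.printf("l=%d pad=%d ok=%b%n", l, ct.length - l, Arrays.equals(msg, back));
        }
    }
}
```

Because an input whose length is already a multiple of k still receives a full block of padding, unpad never has to guess whether the last octet is data or padding.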


Method Summary
 byte[] doFinal(byte[] data)
          Encrypts or decrypts, depending on the mode already set, a designated array of bytes and returns the result.
 byte[] doFinal(byte[] data, int offset, int length)
          Encrypts or decrypts, depending on the mode already set, a designated array of bytes and returns the result.
 void init(KDF kdf, byte[] iv, Direction dir)
          Initialises a SASL-SRP CALG implementation.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Method Detail

init

public void init(KDF kdf,
                 byte[] iv,
                 Direction dir)
          throws SaslException

Initialises a SASL-SRP CALG implementation.

Parameters:
kdf - the key derivation function.
iv - the initial vector value to use.
dir - whether this CALG is used for encryption or decryption.
Throws:
SaslException

doFinal

public byte[] doFinal(byte[] data)
               throws ConfidentialityException

Encrypts or decrypts, depending on the mode already set, a designated array of bytes and returns the result.

Parameters:
data - the data to encrypt/decrypt.
Returns:
the decrypted/encrypted result.
Throws:
ConfidentialityException - if an exception occurs during the process.

doFinal

public byte[] doFinal(byte[] data,
                      int offset,
                      int length)
               throws ConfidentialityException

Encrypts or decrypts, depending on the mode already set, a designated array of bytes and returns the result.

Parameters:
data - the data to encrypt/decrypt.
offset - where to start in data.
length - how many bytes to consider in data.
Returns:
the decrypted/encrypted result.
Throws:
ConfidentialityException - if an exception occurs during the process.


Copyright © 2001, 2002, 2003, 2004 Free Software Foundation, Inc.