org.apache.shiro.crypto
Enum PaddingScheme

java.lang.Object
  extended by java.lang.Enum<PaddingScheme>
      extended by org.apache.shiro.crypto.PaddingScheme
All Implemented Interfaces:
Serializable, Comparable<PaddingScheme>

public enum PaddingScheme
extends Enum<PaddingScheme>

A CipherPaddingScheme represents well-known padding schemes supported by JPA providers in a type-safe manner.

When encrypted data is transferred, it is usually desirable to ensure that all 'chunks' transferred are a fixed-length: different length blocks might give cryptanalysts clues about what the data might be, among other reasons. Of course not all data will convert to neat fixed-length blocks, so padding schemes are used to 'fill in' (pad) any remaining space with unintelligible data.

Padding schemes can be used in both asymmetric key ciphers as well as symmetric key ciphers (e.g. block ciphers). Block-ciphers especially regularly use padding schemes as they are based on the notion of fixed-length block sizes.

Since:
1.0
See Also:
Wikipedia: Cryptographic Padding

Enum Constant Summary
ISO10126
          Padding scheme as defined in the W3C's "XML Encryption Syntax and Processing" document, Section 5.2 - Block Encryption Algorithms.
NONE
          No padding.
OAEP
          Optimal Asymmetric Encryption Padding defined in RSA's PKSC#1 standard (aka RFC 3447).
OAEPWithMd5AndMgf1
          Optimal Asymmetric Encryption Padding with MD5 message digest and MGF1 mask generation function.
OAEPWithSha1AndMgf1
          Optimal Asymmetric Encryption Padding with SHA-1 message digest and MGF1 mask generation function.
OAEPWithSha256AndMgf1
          Optimal Asymmetric Encryption Padding with SHA-256 message digest and MGF1 mask generation function.
OAEPWithSha384AndMgf1
          Optimal Asymmetric Encryption Padding with SHA-384 message digest and MGF1 mask generation function.
OAEPWithSha512AndMgf1
          Optimal Asymmetric Encryption Padding with SHA-512 message digest and MGF1 mask generation function.
PKCS1
          Padding scheme used with the RSA algorithm defined in RSA's PKSC#1 standard (aka RFC 3447).
PKCS5
          Padding scheme defined in RSA's Password-Based Cryptography Standard.
SSL3
          Padding scheme defined in the SSL 3.0 specification, section 5.2.3.2 (CBC block cipher).
 
Method Summary
 String getTransformationName()
          Returns the actual string name to use when building the Cipher transformation string.
static PaddingScheme valueOf(String name)
          Returns the enum constant of this type with the specified name.
static PaddingScheme[] values()
          Returns an array containing the constants of this enum type, in the order they are declared.
 
Methods inherited from class java.lang.Enum
clone, compareTo, equals, finalize, getDeclaringClass, hashCode, name, ordinal, toString, valueOf
 
Methods inherited from class java.lang.Object
getClass, notify, notifyAll, wait, wait, wait
 

Enum Constant Detail

NONE

public static final PaddingScheme NONE
No padding. Useful when the block size is 8 bits for block cipher streaming operations. (Because a byte is the most primitive block size, there is nothing to pad).


ISO10126

public static final PaddingScheme ISO10126
Padding scheme as defined in the W3C's "XML Encryption Syntax and Processing" document, Section 5.2 - Block Encryption Algorithms.


OAEP

public static final PaddingScheme OAEP
Optimal Asymmetric Encryption Padding defined in RSA's PKSC#1 standard (aka RFC 3447).

NOTE: using this padding requires initializing Cipher instances with a OAEPParameterSpec object which provides the 1) message digest and 2) mask generation function to use for the scheme.

Convenient Alternatives

While using this scheme enables you full customization of the message digest + mask generation function combination, it does require the extra burden of providing your own OAEPParameterSpec object. This is often unnecessary, because most combinations are fairly standard. These common combinations are pre-defined in this enum in the OAEP* variants.

If you find that these common combinations still do not meet your needs, then you will need to specify your own message digest and mask generation function, either as an OAEPParameterSpec object during Cipher initialization or, maybe more easily, in the scheme name directly. If you want to use scheme name approach, the name format is specified in the Standard Names document in the Cipher Algorithm Padding section.

See Also:
OAEPWithMd5AndMgf1, OAEPWithSha1AndMgf1, OAEPWithSha256AndMgf1, OAEPWithSha384AndMgf1, OAEPWithSha512AndMgf1

OAEPWithMd5AndMgf1

public static final PaddingScheme OAEPWithMd5AndMgf1
Optimal Asymmetric Encryption Padding with MD5 message digest and MGF1 mask generation function.

This is a convenient pre-defined OAEP padding scheme that embeds the message digest and mask generation function. When using this padding scheme, there is no need to init the Cipher instance with an OAEPParameterSpec object, as it is already 'built in' to the scheme name (unlike the OAEP scheme, which requires a bit more work).


OAEPWithSha1AndMgf1

public static final PaddingScheme OAEPWithSha1AndMgf1
Optimal Asymmetric Encryption Padding with SHA-1 message digest and MGF1 mask generation function.

This is a convenient pre-defined OAEP padding scheme that embeds the message digest and mask generation function. When using this padding scheme, there is no need to init the Cipher instance with an OAEPParameterSpec object, as it is already 'built in' to the scheme name (unlike the OAEP scheme, which requires a bit more work).


OAEPWithSha256AndMgf1

public static final PaddingScheme OAEPWithSha256AndMgf1
Optimal Asymmetric Encryption Padding with SHA-256 message digest and MGF1 mask generation function.

This is a convenient pre-defined OAEP padding scheme that embeds the message digest and mask generation function. When using this padding scheme, there is no need to init the Cipher instance with an OAEPParameterSpec object, as it is already 'built in' to the scheme name (unlike the OAEP scheme, which requires a bit more work).


OAEPWithSha384AndMgf1

public static final PaddingScheme OAEPWithSha384AndMgf1
Optimal Asymmetric Encryption Padding with SHA-384 message digest and MGF1 mask generation function.

This is a convenient pre-defined OAEP padding scheme that embeds the message digest and mask generation function. When using this padding scheme, there is no need to init the Cipher instance with an OAEPParameterSpec object, as it is already 'built in' to the scheme name (unlike the OAEP scheme, which requires a bit more work).


OAEPWithSha512AndMgf1

public static final PaddingScheme OAEPWithSha512AndMgf1
Optimal Asymmetric Encryption Padding with SHA-512 message digest and MGF1 mask generation function.

This is a convenient pre-defined OAEP padding scheme that embeds the message digest and mask generation function. When using this padding scheme, there is no need to init the Cipher instance with an OAEPParameterSpec object, as it is already 'built in' to the scheme name (unlike the OAEP scheme, which requires a bit more work).


PKCS1

public static final PaddingScheme PKCS1
Padding scheme used with the RSA algorithm defined in RSA's PKSC#1 standard (aka RFC 3447).


PKCS5

public static final PaddingScheme PKCS5
Padding scheme defined in RSA's Password-Based Cryptography Standard.


SSL3

public static final PaddingScheme SSL3
Padding scheme defined in the SSL 3.0 specification, section 5.2.3.2 (CBC block cipher).

Method Detail

values

public static PaddingScheme[] values()
Returns an array containing the constants of this enum type, in the order they are declared. This method may be used to iterate over the constants as follows:
for (PaddingScheme c : PaddingScheme.values())
    System.out.println(c);

Returns:
an array containing the constants of this enum type, in the order they are declared

valueOf

public static PaddingScheme valueOf(String name)
Returns the enum constant of this type with the specified name. The string must match exactly an identifier used to declare an enum constant in this type. (Extraneous whitespace characters are not permitted.)

Parameters:
name - the name of the enum constant to be returned.
Returns:
the enum constant with the specified name
Throws:
IllegalArgumentException - if this enum type has no constant with the specified name
NullPointerException - if the argument is null

getTransformationName

public String getTransformationName()
Returns the actual string name to use when building the Cipher transformation string.

Returns:
the actual string name to use when building the Cipher transformation string.
See Also:
Cipher.getInstance(String)


Copyright © 2004-2012 The Apache Software Foundation. All Rights Reserved.