All Packages  Class Hierarchy  This Package  Previous  Next  Index

Class cryptix.provider.padding.PKCS7

java.lang.Object
   |
   +----java.security.IJCE_Traceable
           |
           +----java.security.PaddingScheme
                   |
                   +----cryptix.provider.padding.PKCS7

public class PKCS7
extends PaddingScheme
A class for padding cipher data according to the following scheme, described in section 10.3 of RSA Data Security, Inc.'s PKCS #7 standard:

    Some content-encryption algorithms assume the
    input length is a multiple of k octets, where k >
    1, and let the application define a method for
    handling inputs whose lengths are not a multiple
    of k octets. For such algorithms, the method shall
    be to pad the input at the trailing end with k -
    (l mod k) octets all having value k - (l mod k),
    where l is the length of the input. In other
    words, the input is padded at the trailing end
    with one of the following strings:
 
01 -- if l mod k = k-1 02 02 -- if l mod k = k-2 . . . k k ... k k -- if l mod k = 0
The padding can be removed unambiguously since all input is padded and no padding string is a suffix of another. This padding method is well-defined if and only if k < 256; methods for larger k are an open issue for further study.

An IllegalBlockSizeException is thrown (by the Cipher class) if the block size is greater than 255 bytes.

References:

  1. PKCS#7: Cryptographic Message Syntax Standard. An RSA Laboratories Technical Note; Version 1.5; Revised November 1, 1993.

Copyright © 1997 Systemics Ltd on behalf of the Cryptix Development Team.
All rights reserved.

$Revision: 1.5 $

Author:
Raif S. Naffah, David Hopwood

Constructor Index

 o PKCS7()
Creates a PKCS7 object.

Method Index

 o engineIsValidBlockSize(int)
SPI: Returns true if size is a valid block size (in bytes) for this algorithm.
 o enginePad(byte[], int, int)
Pads a given array of bytes.
 o engineUnpad(byte[], int, int)
Given the specified subarray of bytes that includes padding bytes, returns the index indicating where padding starts.

Constructors

 o PKCS7
 public PKCS7()
Creates a PKCS7 object.

Methods

 o enginePad
 protected int enginePad(byte in[],
                         int offset,
                         int length)
Pads a given array of bytes. The padding is written to the same buffer that is used for input (in). When this method returns, the padded block will be stored at in[offset+length..offset+blocksize-1].

Parameters:
in - the buffer containing the incomplete block.
offset - the offset into the in buffer of the first byte in the group of bytes to be padded.
length - the number of bytes from the in buffer, starting at offset, that need to be padded.
Overrides:
enginePad in class PaddingScheme
 o engineUnpad
 protected int engineUnpad(byte in[],
                           int offset,
                           int length)
Given the specified subarray of bytes that includes padding bytes, returns the index indicating where padding starts.

For PKCS#7, the padding bytes all have value blockSize - (length % blockSize). Hence to find the number of added bytes, it's enough to consider the last byte value of the padded message.

Parameters:
in - the buffer containing the bytes.
offset - the offset into the in buffer of the first byte in the block.
length - the length of the block in bytes.
Returns:
the index into the in buffer indicating where the padding starts.
Throws: CryptixException
if the number of padding bytes is invalid.
Overrides:
engineUnpad in class PaddingScheme
 o engineIsValidBlockSize
 protected boolean engineIsValidBlockSize(int size)
SPI: Returns true if size is a valid block size (in bytes) for this algorithm.

For PKCS#7 padding, values of size between 1 and 255 bytes inclusive are valid.

Overrides:
engineIsValidBlockSize in class PaddingScheme

All Packages  Class Hierarchy  This Package  Previous  Next  Index