: Class PKCS1Operations

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: INNER | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

de.flexiprovider.core.rsa
Class PKCS1Operations

java.lang.Object
  |
  +--de.flexiprovider.core.rsa.PKCS1Operations

public final class PKCS1Operations
extends java.lang.Object

Method Summary

static byte[] EME_OAEP_DECODE(byte[] EM, byte[] L, int k, MessageDigest md)
          EME-OAEP decoding as specified in PKCS#1 v2.1, section 7.1.2, step 3

static byte[] EME_OAEP_ENCODE(byte[] M, byte[] L, int k, MessageDigest md, SecureRandom prng)
          EME-OAEP encoding as specified in PKCS#1 v2.1, section 7.1.1, step 2

static byte[] EMSA_PKCS1_v1_5_ENCODE(byte[] H, int emLen, AlgorithmIdentifier aid)
          This encoding method is deterministic and does not have an equivalent decoding function.

static byte[] EMSA_PSS_ENCODE(byte[] M, int emBits, MessageDigest md, byte[] salt)


static boolean EMSA_PSS_VERIFY(byte[] M, byte[] EM, int emBits, MessageDigest md)
          This encoding method is parameterized by the choice of hash function, mask generation function, and salt length.

static byte[] I2OSP(FlexiBigInt x, int xLen)
          Converts a nonnegative integer to an octet string of specified length.

static byte[] MGF1(byte[] seed, int length, MessageDigest md)
          Mask generation function MGF1 as specified in PKCS#1, section B.2 Coincides with mask generation functions specified in IEEE Standard 1363 and ANSI X9.44 (draft).

static FlexiBigInt OS2IP(byte[] X)
          Converts an octet string to a nonnegative integer.

protected static FlexiBigInt RSADP(RSAPrivateKey privKey, FlexiBigInt c)
          RSA decryption primitive RSADP as specified in PKCS#1, section 5.1.1 No multiprime support.

protected static FlexiBigInt RSAEP(RSAPublicKey pubKey, FlexiBigInt m)
          RSA encryption primitive RSAEP.

Methods inherited from class java.lang.Object

, clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

I2OSP

public static byte[] I2OSP(FlexiBigInt x,
                           int xLen)
                    throws PKCS1Exception

Converts a nonnegative integer to an octet string of specified length.

Parameters:: x - nonnegative integer to be converted; xLen - intended maximum length of the resulting octet string or 0 if arbitrary length is allowed. if xLen != 0, the resulting octet string will be padded with leading zeros.
Returns:: corresponding octet string of length xLen

OS2IP

public static FlexiBigInt OS2IP(byte[] X)

Converts an octet string to a nonnegative integer.

Parameters:: X - octet string to be converted
Returns:: corresponding nonnegative integer

RSAEP

protected static FlexiBigInt RSAEP(RSAPublicKey pubKey,
                                   FlexiBigInt m)
                            throws PKCS1Exception

RSA encryption primitive RSAEP. Functionally equivalent to RSAVP1.

Parameters:: pubKey - the public RSA key; m - message to be encrypted (RSAEP) or signature to be verified (RSAVP1)
Returns:: m^d mod n

RSADP

protected static FlexiBigInt RSADP(RSAPrivateKey privKey,
                                   FlexiBigInt c)
                            throws PKCS1Exception

RSA decryption primitive RSADP as specified in PKCS#1, section 5.1.1 No multiprime support. Functionally equivalent to RSASP1.

Parameters:: privKey - the private RSA key; c - ciphertext to be decrypted (RSADP) or plaintext be signed (RSASP1)
Returns:: m^e mod n

EME_OAEP_ENCODE

public static byte[] EME_OAEP_ENCODE(byte[] M,
                                     byte[] L,
                                     int k,
                                     MessageDigest md,
                                     SecureRandom prng)

EME-OAEP encoding as specified in PKCS#1 v2.1, section 7.1.1, step 2

Parameters:: L - a label, optional. pass null if label empty.; M - message to be encoded; k - the encoding length; md - message digest that will be used for hashing the message; prng - source of cryptographically secure pseudo-randomness
Returns:: encoded message EM

EME_OAEP_DECODE

public static byte[] EME_OAEP_DECODE(byte[] EM,
                                     byte[] L,
                                     int k,
                                     MessageDigest md)
                              throws PKCS1Exception

EME-OAEP decoding as specified in PKCS#1 v2.1, section 7.1.2, step 3

Parameters:: EM - the encoded message; L - a label, optional. pass null if not required.; k - the encoding length; md - the message digest
Returns:: encoded message EM

EMSA_PSS_ENCODE

public static byte[] EMSA_PSS_ENCODE(byte[] M,
                                     int emBits,
                                     MessageDigest md,
                                     byte[] salt)
                              throws PKCS1Exception

EMSA_PSS_VERIFY

public static boolean EMSA_PSS_VERIFY(byte[] M,
                                      byte[] EM,
                                      int emBits,
                                      MessageDigest md)

This encoding method is parameterized by the choice of hash function, mask generation function, and salt length. These options should be fixed for a given RSA key, except that the salt length can be variable. Suggested hash and mask generation functions are given in Appendix B. The encoding method is based on Bellare and Rogaway's Probabilistic Signature Scheme (PSS) [4][5]. It is randomized and has an encoding operation and a verification operation.

Parameters:: M - the message; EM - the encoded message; emBits - the bit length of the encoded message; md - the message digest
Returns:: whether EM is a valid encoding of M

EMSA_PKCS1_v1_5_ENCODE

public static byte[] EMSA_PKCS1_v1_5_ENCODE(byte[] H,
                                            int emLen,
                                            AlgorithmIdentifier aid)
                                     throws PKCS1Exception

This encoding method is deterministic and does not have an equivalent decoding function.

Parameters:: H - hash value of the message to be encoded (deviant from specification); emLen - intended length in octets of the encoded message at least tLen+11, where tLen is the octet length of the DER encoding T of a certain value computed during the encoding operation.; aid - Algorithm identifier of the message digest algorithm used for hashing the message.
Returns:: the encoded message

MGF1

public static byte[] MGF1(byte[] seed,
                          int length,
                          MessageDigest md)

Mask generation function MGF1 as specified in PKCS#1, section B.2 Coincides with mask generation functions specified in IEEE Standard 1363 and ANSI X9.44 (draft).

Parameters:: seed - the seed; length - the intended output length; md - the message digest
Returns:: the generated mask