1 /* |
1 /* |
2 * Copyright (c) 2003, 2015, Oracle and/or its affiliates. All rights reserved. |
2 * Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 * |
4 * |
5 * This code is free software; you can redistribute it and/or modify it |
5 * This code is free software; you can redistribute it and/or modify it |
6 * under the terms of the GNU General Public License version 2 only, as |
6 * under the terms of the GNU General Public License version 2 only, as |
7 * published by the Free Software Foundation. Oracle designates this |
7 * published by the Free Software Foundation. Oracle designates this |
42 import sun.security.internal.spec.TlsRsaPremasterSecretParameterSpec; |
42 import sun.security.internal.spec.TlsRsaPremasterSecretParameterSpec; |
43 import sun.security.util.KeyUtil; |
43 import sun.security.util.KeyUtil; |
44 |
44 |
45 /** |
45 /** |
46 * RSA cipher implementation. Supports RSA en/decryption and signing/verifying |
46 * RSA cipher implementation. Supports RSA en/decryption and signing/verifying |
47 * using PKCS#1 v1.5 padding and without padding (raw RSA). Note that raw RSA |
47 * using both PKCS#1 v1.5 and OAEP (v2.2) paddings and without padding (raw RSA). |
48 * is supported mostly for completeness and should only be used in rare cases. |
48 * Note that raw RSA is supported mostly for completeness and should only be |
|
49 * used in rare cases. |
49 * |
50 * |
50 * Objects should be instantiated by calling Cipher.getInstance() using the |
51 * Objects should be instantiated by calling Cipher.getInstance() using the |
51 * following algorithm names: |
52 * following algorithm names: |
52 * . "RSA/ECB/PKCS1Padding" (or "RSA") for PKCS#1 padding. The mode (blocktype) |
53 * . "RSA/ECB/PKCS1Padding" (or "RSA") for PKCS#1 v1.5 padding. |
53 * is selected based on the en/decryption mode and public/private key used |
54 * . "RSA/ECB/OAEPwith<hash>andMGF1Padding" (or "RSA/ECB/OAEPPadding") for |
|
55 * PKCS#1 v2.2 padding. |
54 * . "RSA/ECB/NoPadding" for rsa RSA. |
56 * . "RSA/ECB/NoPadding" for rsa RSA. |
55 * |
57 * |
56 * We only do one RSA operation per doFinal() call. If the application passes |
58 * We only do one RSA operation per doFinal() call. If the application passes |
57 * more data via calls to update() or doFinal(), we throw an |
59 * more data via calls to update() or doFinal(), we throw an |
58 * IllegalBlockSizeException when doFinal() is called (see JCE API spec). |
60 * IllegalBlockSizeException when doFinal() is called (see JCE API spec). |
79 |
81 |
80 // constant for raw RSA |
82 // constant for raw RSA |
81 private static final String PAD_NONE = "NoPadding"; |
83 private static final String PAD_NONE = "NoPadding"; |
82 // constant for PKCS#1 v1.5 RSA |
84 // constant for PKCS#1 v1.5 RSA |
83 private static final String PAD_PKCS1 = "PKCS1Padding"; |
85 private static final String PAD_PKCS1 = "PKCS1Padding"; |
84 // constant for PKCS#2 v2.0 OAEP with MGF1 |
86 // constant for PKCS#2 v2.2 OAEP with MGF1 |
85 private static final String PAD_OAEP_MGF1 = "OAEP"; |
87 private static final String PAD_OAEP_MGF1 = "OAEP"; |
86 |
88 |
87 // current mode, one of MODE_* above. Set when init() is called |
89 // current mode, one of MODE_* above. Set when init() is called |
88 private int mode; |
90 private int mode; |
89 |
91 |