gnu.crypto.sig.rsa
Class EME_PKCS1_V1_5

java.lang.Object
  gnu.crypto.sig.rsa.EME_PKCS1_V1_5

public class EME_PKCS1_V1_5

extends java.lang.Object

An implementation of the EME-PKCS1-V1.5 encoding and decoding methods.

EME-PKCS1-V1.5 is parameterised by the entity k which is the byte count of an RSA public shared modulus.

References:

1. Public-Key Cryptography Standards (PKCS) #1:
   RSA Cryptography Specifications Version 2.1.
   Jakob Jonsson and Burt Kaliski.

Version:

$Revision: 1.2 $

Method Summary

byte[]	decode(byte[] EM) Separate the encoded message EM into an octet string PS consisting of nonzero octets and a message M as: EM = 0x00 || 0x02 || PS || 0x00 || M.
byte[]	encode(byte[] M) Generates an octet string PS of length k - mLen - 3 consisting of pseudo-randomly generated nonzero octets.
byte[]	encode(byte[] M, IRandom irnd) Similar to encode(byte[]) method, except that the source of randomness to use for obtaining the padding bytes (an instance of IRandom) is given as a parameter.
byte[]	encode(byte[] M, java.util.Random rnd) Similar to the encode(byte[], IRandom) method, except that the source of randmoness is an instance of Random.
static EME_PKCS1_V1_5	getInstance(int k)
static EME_PKCS1_V1_5	getInstance(java.security.interfaces.RSAKey key)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

getInstance

public static final EME_PKCS1_V1_5 getInstance(int k)

getInstance

public static final EME_PKCS1_V1_5 getInstance(java.security.interfaces.RSAKey key)

encode

public byte[] encode(byte[] M)

Generates an octet string PS of length k - mLen - 3 consisting of pseudo-randomly generated nonzero octets. The length of PS will be at least eight octets.

The method then concatenates PS, the message M, and other padding to form an encoded message EM of length k octets as:

    EM = 0x00 || 0x02 || PS || 0x00 || M.
 

This method uses a default PRNG to obtain the padding bytes.

Parameters:

M - the message to encode.

Returns:

the encoded message EM.

encode

public byte[] encode(byte[] M,
                     IRandom irnd)

Similar to encode(byte[]) method, except that the source of randomness to use for obtaining the padding bytes (an instance of IRandom) is given as a parameter.

Parameters:

M - the message to encode.

irnd - the IRandom instance to use as a source of randomness.

Returns:

the encoded message EM.

encode

public byte[] encode(byte[] M,
                     java.util.Random rnd)

Similar to the encode(byte[], IRandom) method, except that the source of randmoness is an instance of Random.

Parameters:

M - the message to encode.

rnd - the Random instance to use as a source of randomness.

Returns:

the encoded message EM.

decode

public byte[] decode(byte[] EM)

Separate the encoded message EM into an octet string PS consisting of nonzero octets and a message M as:

    EM = 0x00 || 0x02 || PS || 0x00 || M.
 

If the first octet of EM does not have hexadecimal value 0x00, if the second octet of EM does not have hexadecimal value 0x02, if there is no octet with hexadecimal value 0x00 to separate PS from M, or if the length of PS is less than 8 octets, output "decryption error" and stop.

Parameters:

EM - the designated encoded message.

Returns:

the decoded message M framed in the designated EM value.

Throws:

java.lang.IllegalArgumentException - if the length of the designated entity EM is different than k (the length in bytes of the public shared modulus), or if any of the conditions described above is detected.