- java.lang.Object
-
- javax.crypto.CipherSpi
-
- com.ibm.crypto.hdwrCCA.provider.KyberCipher
-
public class KyberCipher extends javax.crypto.CipherSpi
This class implements the CRYSTALS-Kyber algorithm (Kyber). CRYSTALS-Kyber does not support different cipher modes.This documentation describes a Service Provider Interface. It is provided for implementation insight only. This class is not intended to be called directly by application developers. Please consult the 'Java Cryptography Architecture Standard' for details on how to use this interface through a public standard class.
- NOTE:
- Certain operations may require specific hardware or software, or specific key types. See the rest of this document and the z/OS Unique Considerations Hardware Crypto Reference Guide for more details. Unsupported operations and/or combinations may result in a RuntimeException Hardware Error.
javax.crypto.Cipher
.
-
-
Constructor Summary
Constructors Constructor Description KyberCipher()
Creates an instance of KyberCipher Verify the JCE framework in the constructor.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected byte[]
engineDoFinal(byte[] input, int inputOffset, int inputLen)
Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation.protected int
engineDoFinal(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset)
Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation.protected int
engineGetBlockSize()
Returns the block size (in bytes).protected byte[]
engineGetIV()
Returns the initialization vector (IV) in a new buffer.protected int
engineGetOutputSize(int inputLen)
Returns the length in bytes that an output buffer would need to be in order to hold the result of the nextupdate
ordoFinal
operation, given the input lengthinputLen
(in bytes).protected java.security.AlgorithmParameters
engineGetParameters()
Returns the parameters used with this cipher.protected void
engineInit(int opmode, java.security.Key key, java.security.AlgorithmParameters params, java.security.SecureRandom random)
Initializes this cipher with an opcode, a key, a set of algorithm parameters, and a source of randomness.protected void
engineInit(int opmode, java.security.Key key, java.security.SecureRandom random)
Initializes this cipher with an opmode, a key and a source of randomness.protected void
engineInit(int opmode, java.security.Key key, java.security.spec.AlgorithmParameterSpec params, java.security.SecureRandom random)
Initializes this cipher with an opcode, a key, a set of algorithm parameters, and a source of randomness.protected void
engineSetMode(java.lang.String mode)
Sets the mode of this cipher.protected void
engineSetPadding(java.lang.String padding)
Sets the padding mechanism of this cipher.protected byte[]
engineUpdate(byte[] input, int inputOffset, int inputLen)
Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialized), processing another data part.protected int
engineUpdate(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset)
Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialized), processing another data part.
-
-
-
Method Detail
-
engineSetMode
protected void engineSetMode(java.lang.String mode) throws java.security.NoSuchAlgorithmException
Sets the mode of this cipher.- Specified by:
engineSetMode
in classjavax.crypto.CipherSpi
- Parameters:
mode
- the cipher mode- Throws:
java.security.NoSuchAlgorithmException
- if the requested cipher mode does not exist
-
engineSetPadding
protected void engineSetPadding(java.lang.String padding) throws javax.crypto.NoSuchPaddingException
Sets the padding mechanism of this cipher. We only except Zero padding for CRYSTALS-Kyber ciphers.- Specified by:
engineSetPadding
in classjavax.crypto.CipherSpi
- Parameters:
padding
- the padding mechanism- Throws:
javax.crypto.NoSuchPaddingException
- if the requested padding mechanism does not exist
-
engineGetBlockSize
protected int engineGetBlockSize()
Returns the block size (in bytes).- Specified by:
engineGetBlockSize
in classjavax.crypto.CipherSpi
- Returns:
- the block size (in bytes), or 0 if the underlying algorithm is not a block cipher
-
engineGetOutputSize
protected int engineGetOutputSize(int inputLen)
Returns the length in bytes that an output buffer would need to be in order to hold the result of the nextupdate
ordoFinal
operation, given the input lengthinputLen
(in bytes).This call takes into account any unprocessed (buffered) data from a previous
update
call, and padding.The actual output length of the next
update
ordoFinal
call may be smaller than the length returned by this method.- Specified by:
engineGetOutputSize
in classjavax.crypto.CipherSpi
- Parameters:
inputLen
- the input length (in bytes)- Returns:
- the required output buffer size (in bytes)
-
engineGetIV
protected byte[] engineGetIV()
Returns the initialization vector (IV) in a new buffer.This is useful in the case where a random IV has been created (see init), or in the context of password-based encryption or decryption, where the IV is derived from a user-supplied password.
- Specified by:
engineGetIV
in classjavax.crypto.CipherSpi
- Returns:
- the initialization vector in a new buffer, or null if the underlying algorithm does not use an IV, or if the IV has not yet been set.
-
engineGetParameters
protected java.security.AlgorithmParameters engineGetParameters()
Returns the parameters used with this cipher.The returned parameters may be the same that were used to initialize this cipher, or may contain the default set of parameters or a set of randomly generated parameters used by the underlying cipher implementation (provided that the underlying cipher implementation uses a default set of parameters or creates new parameters if it needs parameters but was not initialized with any).
- Specified by:
engineGetParameters
in classjavax.crypto.CipherSpi
- Returns:
- the parameters used with this cipher, or null if this cipher does not use any parameters.
-
engineInit
protected void engineInit(int opmode, java.security.Key key, java.security.SecureRandom random) throws java.security.InvalidKeyException
Initializes this cipher with an opmode, a key and a source of randomness.The cipher is initialized for one of the following four operations: encryption, decryption, key wrapping or key unwrapping, depending on the value of
opmode
.If this cipher requires an initialization vector (IV), it will get it from
random
. This behaviour should only be used in encryption or key wrapping mode, however. When initializing a cipher that requires an IV for decryption or key unwrapping, the IV (same IV that was used for encryption or key wrapping) must be provided explicitly as a parameter, in order to get the correct result.This method also cleans existing buffer and other related state information.
- Specified by:
engineInit
in classjavax.crypto.CipherSpi
- Parameters:
opmode
- the operation mode of this cipher. This is one of the following:ENCRYPT_MODE
,DECRYPT_MODE
,WRAP_MODE
, orUNWRAP_MODE
.key
- the secret keyrandom
- the source of randomness- Throws:
java.security.InvalidKeyException
- if the given key is inappropriate for initializing this cipherInvalidParameterException
-
engineInit
protected void engineInit(int opmode, java.security.Key key, java.security.spec.AlgorithmParameterSpec params, java.security.SecureRandom random) throws java.security.InvalidKeyException, java.security.InvalidAlgorithmParameterException
Initializes this cipher with an opcode, a key, a set of algorithm parameters, and a source of randomness.The cipher is initialized for one of the following four operations: encryption, decryption, key wrapping or key unwrapping, depending on the value of
opmode
.If this cipher (including its underlying feedback or padding scheme) requires any random bytes, it will get them from
random
.- Specified by:
engineInit
in classjavax.crypto.CipherSpi
- Parameters:
opmode
- the operation mode of this cipher (this is one of the following:ENCRYPT_MODE
,DECRYPT_MODE
,WRAP_MODE
, orUNWRAP_MODE
.key
- the encryption keyparams
- the algorithm parameter specrandom
- the source of randomness- Throws:
java.security.InvalidKeyException
- if the given key is inappropriate for initializing this cipherjava.security.InvalidAlgorithmParameterException
-
engineInit
protected void engineInit(int opmode, java.security.Key key, java.security.AlgorithmParameters params, java.security.SecureRandom random) throws java.security.InvalidKeyException, java.security.InvalidAlgorithmParameterException
Initializes this cipher with an opcode, a key, a set of algorithm parameters, and a source of randomness.The cipher is initialized for one of the following four operations: encryption, decryption, key wrapping or key unwrapping, depending on the value of
opmode
.If this cipher (including its underlying feedback or padding scheme) requires any random bytes, it will get them from
random
.- Specified by:
engineInit
in classjavax.crypto.CipherSpi
- Parameters:
opmode
- the operation mode of this cipher (this is one of the following:ENCRYPT_MODE
,DECRYPT_MODE
,WRAP_MODE
, orUNWRAP_MODE
.key
- the encryption keyparams
- the algorithm parametersrandom
- the source of randomness- Throws:
java.security.InvalidKeyException
- if the given key is inappropriate for initializing this cipherjava.security.InvalidAlgorithmParameterException
-
engineUpdate
protected byte[] engineUpdate(byte[] input, int inputOffset, int inputLen)
Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialized), processing another data part.The first
inputLen
bytes in theinput
buffer, starting atinputOffset
, are processed, and the result is stored in a new buffer.- Specified by:
engineUpdate
in classjavax.crypto.CipherSpi
- Parameters:
input
- the input bufferinputOffset
- the offset ininput
where the input startsinputLen
- the input length- Returns:
- the new buffer with the result
- Throws:
java.lang.IllegalStateException
- if this cipher is in a wrong state (e.g., has not been initialized)
-
engineUpdate
protected int engineUpdate(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset) throws javax.crypto.ShortBufferException
Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialized), processing another data part.The first
inputLen
bytes in theinput
buffer, starting atinputOffset
, are processed, and the result is stored in theoutput
buffer, starting atoutputOffset
.- Specified by:
engineUpdate
in classjavax.crypto.CipherSpi
- Parameters:
input
- the input bufferinputOffset
- the offset ininput
where the input startsinputLen
- the input lengthoutput
- the buffer for the resultoutputOffset
- the offset inoutput
where the result is stored- Returns:
- the number of bytes stored in
output
- Throws:
javax.crypto.ShortBufferException
- if the given output buffer is too small to hold the result
-
engineDoFinal
protected byte[] engineDoFinal(byte[] input, int inputOffset, int inputLen)
Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation. The data is encrypted or decrypted, depending on how this cipher was initialized.The first
inputLen
bytes in theinput
buffer, starting atinputOffset
, and any input bytes that may have been buffered during a previousupdate
operation, are processed, with padding (if requested) being applied. The result is stored in a new buffer.The cipher is reset to its initial state (uninitialized) after this call.
- Specified by:
engineDoFinal
in classjavax.crypto.CipherSpi
- Parameters:
input
- the input bufferinputOffset
- the offset ininput
where the input startsinputLen
- the input length- Returns:
- the new buffer with the result
-
engineDoFinal
protected int engineDoFinal(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset) throws javax.crypto.ShortBufferException, javax.crypto.IllegalBlockSizeException, javax.crypto.BadPaddingException
Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation. The data is encrypted or decrypted, depending on how this cipher was initialized.The first
inputLen
bytes in theinput
buffer, starting atinputOffset
, and any input bytes that may have been buffered during a previousupdate
operation, are processed, with padding (if requested) being applied. The result is stored in theoutput
buffer, starting atoutputOffset
.The cipher is reset to its initial state (uninitialized) after this call.
- Specified by:
engineDoFinal
in classjavax.crypto.CipherSpi
- Parameters:
input
- the input bufferinputOffset
- the offset ininput
where the input startsinputLen
- the input lengthoutput
- the buffer for the resultoutputOffset
- the offset inoutput
where the result is stored- Returns:
- the number of bytes stored in
output
- Throws:
javax.crypto.ShortBufferException
javax.crypto.IllegalBlockSizeException
javax.crypto.BadPaddingException
-
-