Getting Started

Algorithm Names and Implementations

A cryptographic provider is a set of classes that implement cryptographic algorithms. A Provider subclass keeps track of how the algorithm names and classes are related. Basically, it’s a list of algorithm names and their corresponding implementations. For example, in Chapter 7, we developed the CBCWrapper class, which (by default) supports DES in CBC mode with PKCS#5 padding. We also developed the CFBWrapper class, which supports DES in eight-bit CFB mode with no padding. A simple provider then might map algorithm names to class names like this:

DES/CBC/PKCS5Padding : oreilly.jonathan.crypto.CBCWrapper
DES/CFB/NoPadding : oreilly.jonathan.crypto.CFBWrapper

Remember, though, that a cryptographic provider can include several different kinds of algorithms: key pair generation, signatures, ciphers, and others. How does the provider know which is which? The algorithm name is actually made up of a type and a name, as follows:

Cipher.DES/CBC/PKCS5Padding : oreilly.jonathan.crypto.CBCWrapper
Cipher.DES/CFB/NoPadding : oreilly.jonathan.crypto.CFBWrapper

The type corresponds to a cryptographic concept class, like Cipher or Signature. The implementation class is the corresponding SPI class, like javax.crypto.CipherSpi or java.security.SignatureSpi. Later, for example, we’ll develop a class that implements the ElGamal signature algorithm. It’s a subclass of SignatureSpi. To associate the algorithm name and the implementation class, our provider ...

Get Java Cryptography now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.