In this section,
we’ll look at the engine that performs encryption within the
JCE. This engine is called the
javax.crypto.Cipher); it provides an interface
to encrypt and decrypt data either in arrays within the program or as
that data is read or written through Java’s stream interfaces:
Perform encryption and decryption of arbitrary data, using (potentially) a wide array of encryption algorithms.
Like all security engines, the cipher engine implements named
algorithms. However, the naming convention for the cipher engine is
different, in that cipher algorithms are compound names that can
include the name of the algorithm along with the name of a padding
scheme and the name of a mode. Padding schemes and modes are
specified by names—just like algorithms. In theory, just as you
may pick a new name for an algorithm, you may specify new names for a
padding scheme or a mode, although the
security provider specifies several standard ones.
padding schemes are present in the
Cipher class because that class implements what
is known as a block cipher; that is, it expects to operate on data
one block (e.g., 8 bytes) at a time. Padding schemes are required in
order to ensure that the length of the data is an integral number of
Modes are provided to further alter the encrypted data in an attempt to make it harder to break the encryption. For example, if the data to be encrypted contains a number ...