Class RsaOaepMgf1Padding
java.lang.Object
se.swedenconnect.opensaml.xmlsec.encryption.support.RsaOaepMgf1Padding
Represents the RSA-OAEP-MGF1 padding mechanism for use in RSA encryption and decryption. This implementation provides
padding and unpadding functionalities following the OAEP (Optimal Asymmetric Encryption Padding) scheme, using MGF1
as the mask generation function. The class ensures compatibility with the defined RSA key length and associated
padding parameters.
RSA-OAEP is widely used for securely encrypting data with RSA. It combines the use of hash functions and MGF1 to provide semantic security against chosen plaintext attacks.
-
Constructor Summary
ConstructorsConstructorDescriptionRsaOaepMgf1Padding(OAEPParameterSpec parameterSpec, int rsaKeyLengthBits) Constructs an instance of the RsaOaepMgf1Padding class, initializing it with the provided OAEP parameter specification and RSA key length in bits. -
Method Summary
Modifier and TypeMethodDescriptionbyte[]pad(byte[] data) Pads the given data array using RSA-OAEP padding with a randomly generated seed.byte[]pad(byte[] data, byte[] seed) Pads the given data array using RSA-OAEP padding with the specified seed.byte[]unpad(byte[] padded) Removes the padding from the provided byte array, reversing the RSA-OAEP padding process.
-
Constructor Details
-
RsaOaepMgf1Padding
public RsaOaepMgf1Padding(OAEPParameterSpec parameterSpec, int rsaKeyLengthBits) throws NoSuchAlgorithmException Constructs an instance of the RsaOaepMgf1Padding class, initializing it with the provided OAEP parameter specification and RSA key length in bits. It validates and configures the digest functions, computes essential parameters for padding operations, and ensures the RSA key length is suitable for RSA-OAEP padding.- Parameters:
parameterSpec- the OAEP parameter specification, which includes the digest algorithm, MGF parameters, and possibly more, providing configuration details for the paddingrsaKeyLengthBits- the length of the RSA key, in bits. This should be a multiple of 8 and is used to calculate padding parameters and data constraints- Throws:
NoSuchAlgorithmException- if the specified digest algorithm in the provided parameter specification or the MGF parameters is not availableIllegalArgumentException- if the MGF parameters are not of type MGF1ParameterSpec, or if rsaKeyLengthBits is not a multiple of 8
-
-
Method Details
-
pad
Pads the given data array using RSA-OAEP padding with a randomly generated seed.- Parameters:
data- the input data to be padded, which should not exceed the maximum allowable length based on the RSA modulus size and padding parameters- Returns:
- a byte array containing the padded data
- Throws:
BadPaddingException- if the input data length exceeds the allowable limit for padding or if the padding process encounters an error
-
pad
Pads the given data array using RSA-OAEP padding with the specified seed.- Parameters:
data- the input data to be padded, which must not exceed the maximum allowable length based on the RSA modulus size and padding parametersseed- the seed value used for mask generation in the padding process- Returns:
- a byte array containing the padded data
- Throws:
BadPaddingException- if the input data length exceeds the allowable limit for padding or if the padding process encounters an error
-
unpad
Removes the padding from the provided byte array, reversing the RSA-OAEP padding process.- Parameters:
padded- the input byte array containing padded data. Its length must match the expected padded size, and it must conform to RSA-OAEP padding structure, including the specified padding and data encoding.- Returns:
- a byte array containing the original unpadded data extracted from the padded input
- Throws:
BadPaddingException- if the input does not conform to RSA-OAEP padding scheme, including errors like mismatched lengths, incorrect padding format, or hash validation failures
-