public class AesCipherService extends DefaultBlockCipherService
CipherService using the AES cipher algorithm for all encryption, decryption, and key operations.
The AES algorithm can support key sizes of 128, 192 and 256 bits*. This implementation
defaults to 128 bits.
Note that this class retains changes the parent class's default CBC mode to GCM of operation
instead of the typical JDK default of ECB. ECB should not be used in
security-sensitive environments because ECB does not allow for initialization vectors, which are
considered necessary for strong encryption. See the parent class's JavaDoc and the
JcaCipherService JavaDoc for more on why the JDK default should not be used and is not
used in this implementation.
* Generating and using AES key sizes greater than 128 require installation of the
Java Cryptography Extension (JCE) Unlimited Strength
Jurisdiction Policy files.| Constructor and Description |
|---|
AesCipherService()
Creates a new
CipherService instance using the AES cipher algorithm with the following
important cipher default attributes:
Attribute
Value
keySize
128 bits
blockSize
128 bits (required for AES
mode
GCM*
paddingScheme
PKCS5
initializationVectorSize
128 bits
generateInitializationVectors
true**
* The GCM operation mode is used instead of the JDK default ECB to
ensure strong encryption. |
| Modifier and Type | Method and Description |
|---|---|
protected AlgorithmParameterSpec |
createParameterSpec(byte[] iv,
boolean streaming) |
generateInitializationVector, getBlockSize, getModeName, getPaddingSchemeName, getStreamingBlockSize, getStreamingModeName, getStreamingPaddingSchemeName, getTransformationString, isGenerateInitializationVectors, setBlockSize, setMode, setModeName, setPaddingScheme, setPaddingSchemeName, setStreamingBlockSize, setStreamingMode, setStreamingModeName, setStreamingPaddingScheme, setStreamingPaddingSchemeNamegenerateNewKey, generateNewKeydecrypt, decrypt, encrypt, encrypt, ensureSecureRandom, getAlgorithmName, getDefaultSecureRandom, getInitializationVectorSize, getKeySize, getSecureRandom, getStreamingBufferSize, isGenerateInitializationVectors, setGenerateInitializationVectors, setInitializationVectorSize, setKeySize, setSecureRandom, setStreamingBufferSizepublic AesCipherService()
CipherService instance using the AES cipher algorithm with the following
important cipher default attributes:
| Attribute | Value |
|---|---|
keySize |
128 bits |
blockSize |
128 bits (required for AES |
mode |
GCM* |
paddingScheme |
PKCS5 |
initializationVectorSize |
128 bits |
generateInitializationVectors |
true** |
GCM operation mode is used instead of the JDK default ECB to
ensure strong encryption. ECB should not be used in security-sensitive environments - see the
DefaultBlockCipherService class JavaDoc's "Operation Mode" section
for more.
**In conjunction with the default GCM operation mode, initialization vectors are generated by
default to ensure strong encryption. See the JcaCipherService class JavaDoc for more.protected AlgorithmParameterSpec createParameterSpec(byte[] iv, boolean streaming)
createParameterSpec in class JcaCipherServiceCopyright © 2004–2019 The Apache Software Foundation. All rights reserved.