Package org.apache.shiro.crypto

Enum PaddingScheme

  • All Implemented Interfaces:
    Serializable, Comparable<PaddingScheme>
    public enum PaddingScheme
extends Enum<PaddingScheme>
    A CipherPaddingScheme represents well-known padding schemes supported by JPA providers in a type-safe manner.

    When encrypted data is transferred, it is usually desirable to ensure that all 'chunks' transferred are a fixed-length: different length blocks might give cryptanalysts clues about what the data might be, among other reasons. Of course not all data will convert to neat fixed-length blocks, so padding schemes are used to 'fill in' (pad) any remaining space with unintelligible data.

    Padding schemes can be used in both asymmetric key ciphers as well as symmetric key ciphers (e.g. block ciphers). Block-ciphers especially regularly use padding schemes as they are based on the notion of fixed-length block sizes.

    Since:
    1.0
    See Also:
    Wikipedia: Cryptographic Padding

    • Enum Constant Detail

      • NONE

        public static final PaddingScheme NONE
        No padding. Useful when the block size is 8 bits for block cipher streaming operations. (Because a byte is the most primitive block size, there is nothing to pad).

      • OAEP

        public static final PaddingScheme OAEP
        Optimal Asymmetric Encryption Padding defined in RSA's PKSC#1 standard (aka RFC 3447).

        NOTE: using this padding requires initializing Cipher instances with a OAEPParameterSpec object which provides the 1) message digest and 2) mask generation function to use for the scheme.

        Convenient Alternatives

        While using this scheme enables you full customization of the message digest + mask generation function combination, it does require the extra burden of providing your own OAEPParameterSpec object. This is often unnecessary, because most combinations are fairly standard. These common combinations are pre-defined in this enum in the OAEP* variants.

        If you find that these common combinations still do not meet your needs, then you will need to specify your own message digest and mask generation function, either as an OAEPParameterSpec object during Cipher initialization or, maybe more easily, in the scheme name directly. If you want to use scheme name approach, the name format is specified in the Standard Names document in the Cipher Algorithm Padding section.

        See Also:
        OAEPWithMd5AndMgf1, OAEPWithSha1AndMgf1, OAEPWithSha256AndMgf1, OAEPWithSha384AndMgf1, OAEPWithSha512AndMgf1

      • OAEPWithMd5AndMgf1

        public static final PaddingScheme OAEPWithMd5AndMgf1
        Optimal Asymmetric Encryption Padding with MD5 message digest and MGF1 mask generation function.

        This is a convenient pre-defined OAEP padding scheme that embeds the message digest and mask generation function. When using this padding scheme, there is no need to init the Cipher instance with an OAEPParameterSpec object, as it is already 'built in' to the scheme name (unlike the OAEP scheme, which requires a bit more work).

      • OAEPWithSha1AndMgf1

        public static final PaddingScheme OAEPWithSha1AndMgf1
        Optimal Asymmetric Encryption Padding with SHA-1 message digest and MGF1 mask generation function.

        This is a convenient pre-defined OAEP padding scheme that embeds the message digest and mask generation function. When using this padding scheme, there is no need to init the Cipher instance with an OAEPParameterSpec object, as it is already 'built in' to the scheme name (unlike the OAEP scheme, which requires a bit more work).

      • OAEPWithSha256AndMgf1

        public static final PaddingScheme OAEPWithSha256AndMgf1
        Optimal Asymmetric Encryption Padding with SHA-256 message digest and MGF1 mask generation function.

        This is a convenient pre-defined OAEP padding scheme that embeds the message digest and mask generation function. When using this padding scheme, there is no need to init the Cipher instance with an OAEPParameterSpec object, as it is already 'built in' to the scheme name (unlike the OAEP scheme, which requires a bit more work).

      • OAEPWithSha384AndMgf1

        public static final PaddingScheme OAEPWithSha384AndMgf1
        Optimal Asymmetric Encryption Padding with SHA-384 message digest and MGF1 mask generation function.

        This is a convenient pre-defined OAEP padding scheme that embeds the message digest and mask generation function. When using this padding scheme, there is no need to init the Cipher instance with an OAEPParameterSpec object, as it is already 'built in' to the scheme name (unlike the OAEP scheme, which requires a bit more work).

      • OAEPWithSha512AndMgf1

        public static final PaddingScheme OAEPWithSha512AndMgf1
        Optimal Asymmetric Encryption Padding with SHA-512 message digest and MGF1 mask generation function.

        This is a convenient pre-defined OAEP padding scheme that embeds the message digest and mask generation function. When using this padding scheme, there is no need to init the Cipher instance with an OAEPParameterSpec object, as it is already 'built in' to the scheme name (unlike the OAEP scheme, which requires a bit more work).

    • Method Detail

      • values

        public static PaddingScheme[] values()
        Returns an array containing the constants of this enum type, in the order they are declared. This method may be used to iterate over the constants as follows: 
        for (PaddingScheme c : PaddingScheme.values())
    System.out.println(c);
        Returns:
        an array containing the constants of this enum type, in the order they are declared

      • valueOf

        public static PaddingScheme valueOf​(String name)
        Returns the enum constant of this type with the specified name. The string must match exactly an identifier used to declare an enum constant in this type. (Extraneous whitespace characters are not permitted.)
        Parameters:
        name - the name of the enum constant to be returned.
        Returns:
        the enum constant with the specified name
        Throws:
        IllegalArgumentException - if this enum type has no constant with the specified name
        NullPointerException - if the argument is null