I want to do AES CBC encryption in Java. I'm using javax.crypto. After I have the Cipher initialized, do I only need to call doFinal on the clear bytes to properly encrypt it? Or do I need to do something with update?

Documentation says update:

Continues a multiple-part encryption or decryption operation

and doFinal

Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation

What exactly do they mean by multiple-part encryption?

+1  A: 

doFinal adds the PKCS7 padding in the last block. So you can call update zero to many times, but the last call should be a doFinal. Multipart encryption is when the data is not contiguous in memory. Typical example being buffers received from a socket. You set up the cipher and then start calling update to encrypt or decrypt the data, block by block, and build up the encrypted/decrypted data, by appending the blocks returned by update. On the last input block you call doFinal and the returned block is the last one to be appended to the output data. On encrypting, doFinal will add the padding. On decrypting, doFinal will validate and remove the padding.

Remus Rusanu
So do I have to separate my byte array into chunks of BLOCKSIZE size and call update on each block except the last one, and call doFinal on the last one? Or can I just call doFinal on the whole thing and it will do it all for me?
Kyle
You only need to do multiple updates if the data is not contiguous. If you already have it in a single contiguous block, you can just call doFinal once.
Remus Rusanu
Ahh, I see. So the reason you would do encryption as multipart is because you want to get started encrypting data as soon as you receive it rather than waiting until you fully receive all the data?
Kyle
Right. Also, you don't want to move data around just to create a contiguous block.
Remus Rusanu
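
The equivalence discussed in the answer and comments above, shown as an added example that is not part of the original thread: one doFinal call over a contiguous array and a series of update calls closed by doFinal produce the same AES-CBC ciphertext. The class name, the 7-byte chunk size, the random key and the sample plaintext are assumptions made for the illustration.

```java
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.io.ByteArrayOutputStream;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;

public class CbcMultipartDemo {                  // hypothetical class name
    public static void main(String[] args) throws Exception {
        byte[] keyBytes = new byte[16], ivBytes = new byte[16];
        SecureRandom rng = new SecureRandom();
        rng.nextBytes(keyBytes);                 // constructed demo key
        rng.nextBytes(ivBytes);                  // IV is shared below only so the outputs can be compared
        SecretKeySpec key = new SecretKeySpec(keyBytes, "AES");
        IvParameterSpec iv = new IvParameterSpec(ivBytes);
        byte[] clear = "constructed sample plaintext for the CBC demo".getBytes(StandardCharsets.UTF_8);

        // Single-part: the whole plaintext is already in one array.
        // Java names the padding "PKCS5Padding"; with AES it pads to the 16-byte block size.
        Cipher one = Cipher.getInstance("AES/CBC/PKCS5Padding");
        one.init(Cipher.ENCRYPT_MODE, key, iv);
        byte[] single = one.doFinal(clear);

        // Multi-part: feed 7-byte pieces, as if they arrived from a socket.
        Cipher multi = Cipher.getInstance("AES/CBC/PKCS5Padding");
        multi.init(Cipher.ENCRYPT_MODE, key, iv);
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        for (int off = 0; off < clear.length; off += 7) {
            int len = Math.min(7, clear.length - off);
            byte[] part = multi.update(clear, off, len);  // may be null until a full block is buffered
            if (part != null) out.write(part);
        }
        out.write(multi.doFinal());              // flushes the buffered tail and adds the padding
        byte[] chunked = out.toByteArray();

        // Decrypt: doFinal validates and strips the padding.
        Cipher dec = Cipher.getInstance("AES/CBC/PKCS5Padding");
        dec.init(Cipher.DECRYPT_MODE, key, iv);
        byte[] recovered = dec.doFinal(chunked);

        System.out.println("same ciphertext: " + Arrays.equals(single, chunked));
        System.out.println("round trip ok:   " + Arrays.equals(clear, recovered));
    }
}
```

The chunks passed to update do not have to be block-sized; the Cipher buffers partial blocks internally. On decryption, doFinal throws BadPaddingException when the padding check fails.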