|
|||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||||
java.lang.Object | +--com.cafesoft.core.crypto.SecretKeyCipher
SecretKeyCipher implements a wrapper for and encryption Cipher,
a decryption Cipher, a SecretKey, and other parameters used for
symmetric encryption/decryption using a SecretKey.
NOTE: One of the purposes of this class is to insulate usage of underlying JCE block Cipher so they can be used safely in a multi-threaded environment. JCE block Ciphers maintain state so that large blocks of data can be encrypted/decrypted. For example, the following sequence of JCE Cipher calls:
Cipher cipher = Cipher.getInstance("DES");
cipher.init(Cipher.ENCRYPT_MODE, secretKey, new IvParameterSpec(iv));
cipher.update(...);
cipher.update(...);
byte[] cipherText = cipher.doFinal(...);
requires the Cipher instance to keep state beween successive "update(...)"
calls until the doFinal(...) call. (The parameters are byte arrays and
corresponding array indexes to read/write). Since this usage would require
the Cipher to maintain state, use in a multi-threaded environment would not
be safe.
So, this class wraps JCE Ciphers such that encryption and decryption may only be performed in one fell swoop by use of "doFinal(...)" methods. The hope is that such usage will be multi-thread safe.
| Nested Class Summary | |
static class |
SecretKeyCipher.CipherSpec
CipherSpec is a wrapper for metadata about a Cipher
specification. |
| Method Summary | |
byte[] |
decrypt(byte[] input)
Decrypts data in a single-part operation. |
int |
decrypt(byte[] input,
int inputLen,
byte[] output)
Decrypts data in a single-part operation. |
byte[] |
encrypt(byte[] input)
Encrypts data in a single-part operation. |
int |
encrypt(byte[] input,
int inputLen,
byte[] output)
Encrypts data in a single-part operation. |
static SecretKeyCipher |
newInstance(String algorithm,
byte[] key,
byte[] iv)
Create a new SecretKeyCipher instance. |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Method Detail |
public static SecretKeyCipher newInstance(String algorithm,
byte[] key,
byte[] iv)
throws NoSuchAlgorithmException,
NoSuchPaddingException,
InvalidKeyException,
InvalidAlgorithmParameterException
The enclosed encryption and decryption Ciphers will use CBC block mode and PKCS5Padding. See Appendix A in the Java Cryptography Extension Reference Guide for information about standard transformation names.
algorithm - the algorithm: "DES", "DESede", or "Blowfish". Blowfish
is the preferred algorithm due to it's performance and relative
security.key - the secret key bytes. The number of key bytes depends on the
selected algorthm: (DES key = 8 bytes, DESede key = 24 bytes,
Blowfish key = 16 bytes).iv - the initialization vector bytes.
NoSuchAlgorithmException - if algorithm is null or the empty
string, or if the algorithm is not available.
NoSuchPaddingException - if padding mechanism is not available.
InvalidKeyException - if key is null, or key length == 0 or is
less than the expected key length for the specified algoritm.
InvalidAlgorithmParameterException - if iv is null or length == 0,
or if length < 8.
public final byte[] encrypt(byte[] input)
throws IllegalStateException,
IllegalBlockSizeException,
BadPaddingException
The bytes in the input buffer are processed and padded if necessary. The result is stored in a new buffer.
encrypt in interface SymmetricCipherinput - the input buffer
IllegalStateException - if this cipher is in a wrong state
(e.g., has not been initialized)
IllegalBlockSizeException - - if this cipher is a block cipher,
no padding has been requested (only in encryption mode), and the
total input length of the data processed by this cipher is not a
multiple of block size
BadPaddingException - if the internal encryption cipher has
and invalid padding configuration or has an error while padding data.
public final int encrypt(byte[] input,
int inputLen,
byte[] output)
throws IllegalStateException,
IllegalBlockSizeException,
ShortBufferException,
BadPaddingException
The specified number of bytes in the input buffer are processed and padded if necessary. The result is stored in the specified output buffer. NOTE: this method should be used in preference to methods that return new byte buffers when multiple encrptions must be performed within the scope of a calling method. This enables reuse of the output buffer for returned encrypted cipher text.
encrypt in interface SymmetricCipherinput - the input buffer (the clear text)inputLen - the number of bytes to be read from the input bufferoutput - the output buffer (for storing cipher text)
IllegalStateException - if this cipher is in a wrong state
(e.g., has not been initialized)
ShortBufferException - if the given output buffer is too small
to hold the result
IllegalBlockSizeException - - if this cipher is a block cipher,
no padding has been requested (only in encryption mode), and the
total input length of the data processed by this cipher is not a
multiple of block size
BadPaddingException - if the internal encryption cipher has
and invalid padding configuration or has an error while padding data.
public final byte[] decrypt(byte[] input)
throws IllegalStateException,
IllegalBlockSizeException,
BadPaddingException
The bytes in the input buffer are processed and padding that was added at encryption time is removed. The result is stored in a new buffer.
decrypt in interface SymmetricCipherinput - the input buffer
IllegalStateException - if this cipher is in a wrong state
(e.g., has not been initialized)
IllegalBlockSizeException - - if this cipher is a block cipher,
no padding has been requested (only in encryption mode), and the
total input length of the data processed by this cipher is not a
multiple of block size
BadPaddingException - if the internal encryption cipher has
and invalid padding configuration or has an error while padding data.
public final int decrypt(byte[] input,
int inputLen,
byte[] output)
throws IllegalStateException,
IllegalBlockSizeException,
ShortBufferException,
BadPaddingException
The specified number of bytes in the input buffer are processed and padding is removed. The result is stored in the specified output buffer. NOTE: this method should be used in preference to methods that return new byte buffers when multiple decryptions must be performed within the scope of a calling method. This enables reuse of the output buffer for returned decrypted clear text.
decrypt in interface SymmetricCipherinput - the input buffer (the cipher text)inputLen - the number of bytes to be read from the input bufferoutput - the output buffer (for storing clear text)
IllegalStateException - if this cipher is in a wrong state
(e.g., has not been initialized)
ShortBufferException - if the given output buffer is too small
to hold the result
IllegalBlockSizeException - - if this cipher is a block cipher,
no padding has been requested (only in encryption mode), and the
total input length of the data processed by this cipher is not a
multiple of block size
BadPaddingException - if the internal encryption cipher has
and invalid padding configuration or has an error while padding data.
|
|||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||||