org.cryptacular.bean

Class AbstractCipherBean

java.lang.Object

org.cryptacular.bean.AbstractCipherBean

All Implemented Interfaces:

CipherBean

Direct Known Subclasses:

AbstractBlockCipherBean

public abstract class AbstractCipherBean
extends Object
implements CipherBean

Base class for all cipher beans. The base class assumes all ciphertext output will contain a prepended CiphertextHeaderV2 containing metadata that facilitates decryption.

Author:

Middleware Services

Constructor Summary

Constructors

Constructor and Description
AbstractCipherBean() Creates a new instance.
AbstractCipherBean(KeyStore keyStore, String keyAlias, String keyPassword, Nonce nonce) Creates a new instance by specifying all properties.

Method Summary

Modifier and Type	Method and Description
byte[]	decrypt(byte[] input) Decrypts the input data using a block cipher.
void	decrypt(InputStream input, OutputStream output) Decrypts the data from the input stream onto the output stream using a symmetric cipher.
byte[]	encrypt(byte[] input) Encrypts the input data using a symmetric cipher.
void	encrypt(InputStream input, OutputStream output) Encrypts the data from the input stream onto the output stream using a symmetric cipher.
String	getKeyAlias()
KeyStore	getKeyStore()
Nonce	getNonce()
protected SecretKey	lookupKey(String alias) Looks up secret key entry in the keyStore.
protected abstract byte[]	process(CiphertextHeader header, boolean mode, byte[] input) Processes the given data under the action of the cipher.
protected abstract void	process(CiphertextHeader header, boolean mode, InputStream input, OutputStream output) Processes the given data under the action of the cipher.
void	setKeyAlias(String keyAlias) Sets the keystore entry alias used to locate the current encryption key.
void	setKeyPassword(String keyPassword) Sets the password used to access the encryption key.
void	setKeyStore(KeyStore keyStore) Sets the keystore containing encryption/decryption key(s).
void	setNonce(Nonce nonce) Sets the nonce/IV generation strategy.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AbstractCipherBean

public AbstractCipherBean()

Creates a new instance.

AbstractCipherBean

public AbstractCipherBean(KeyStore keyStore,
                          String keyAlias,
                          String keyPassword,
                          Nonce nonce)

Creates a new instance by specifying all properties.

Parameters:

keyStore - Key store containing encryption key.

keyAlias - Name of encryption key entry in key store.

keyPassword - Password used to decrypt key entry in keystore.

nonce - Nonce/IV generator.

Method Detail

getKeyStore

public KeyStore getKeyStore()

Returns:

Keystore that contains the SecretKey.

setKeyStore

public void setKeyStore(KeyStore keyStore)

Sets the keystore containing encryption/decryption key(s). The keystore must contain a SecretKey entry whose alias is given by setKeyAlias(String), which will be used at the encryption key. It may contain additional symmetric keys to support, for example, key rollover where some existing ciphertexts have headers specifying a different key. In general all keys used for outstanding ciphertexts should be contained in the keystore.

Parameters:

keyStore - Keystore containing encryption key(s).

getKeyAlias

public String getKeyAlias()

Returns:

Alias that specifies the KeyStore entry containing the SecretKey.

setKeyAlias

public void setKeyAlias(String keyAlias)

Sets the keystore entry alias used to locate the current encryption key.

Parameters:

keyAlias - Alias of SecretKey used for encryption.

setKeyPassword

public void setKeyPassword(String keyPassword)

Sets the password used to access the encryption key.

Parameters:

keyPassword - Encryption key password.

getNonce

public Nonce getNonce()

Returns:

Nonce/IV generation strategy.

setNonce

public void setNonce(Nonce nonce)

Sets the nonce/IV generation strategy.

Parameters:

nonce - Nonce generator.

encrypt

public byte[] encrypt(byte[] input)
               throws CryptoException

Description copied from interface: CipherBean

Encrypts the input data using a symmetric cipher.

Specified by:

encrypt in interface CipherBean

Parameters:

input - Plaintext data to encrypt.

Returns:

Ciphertext output.

Throws:

CryptoException - on underlying cipher data handling errors.

encrypt

public void encrypt(InputStream input,
                    OutputStream output)
             throws CryptoException,
                    StreamException

Description copied from interface: CipherBean

Encrypts the data from the input stream onto the output stream using a symmetric cipher.

The caller is responsible for providing and managing the streams (e.g. closing them when finished).

Specified by:

encrypt in interface CipherBean

Parameters:

input - Input stream containing plaintext data to encrypt.

output - Output stream containing ciphertext produced by cipher in encryption mode.

Throws:

CryptoException - on underlying cipher data handling errors.

StreamException - on stream IO errors.

decrypt

public byte[] decrypt(byte[] input)
               throws CryptoException,
                      EncodingException

Description copied from interface: CipherBean

Decrypts the input data using a block cipher.

Specified by:

decrypt in interface CipherBean

Parameters:

input - Ciphertext data to encrypt.

Returns:

Plaintext output.

Throws:

CryptoException - on underlying cipher data handling errors.

EncodingException

decrypt

public void decrypt(InputStream input,
                    OutputStream output)
             throws CryptoException,
                    EncodingException,
                    StreamException

Description copied from interface: CipherBean

Decrypts the data from the input stream onto the output stream using a symmetric cipher.

The caller is responsible for providing and managing the streams (e.g. closing them when finished).

Specified by:

decrypt in interface CipherBean

Parameters:

input - Input stream containing ciphertext data to decrypt.

output - Output stream containing plaintext produced by cipher in decryption mode.

Throws:

CryptoException - on underlying cipher data handling errors.

StreamException - on stream IO errors.

EncodingException

lookupKey

protected SecretKey lookupKey(String alias)

Looks up secret key entry in the keyStore.

Parameters:

alias - Name of secret key entry.

Returns:

Secret key.

process

protected abstract byte[] process(CiphertextHeader header,
                                  boolean mode,
                                  byte[] input)

Processes the given data under the action of the cipher.

Parameters:

header - Ciphertext header.

mode - True for encryption; false for decryption.

input - Data to process by cipher.

Returns:

Ciphertext data under encryption, plaintext data under decryption.

process

protected abstract void process(CiphertextHeader header,
                                boolean mode,
                                InputStream input,
                                OutputStream output)

Processes the given data under the action of the cipher.

Parameters:

header - Ciphertext header.

mode - True for encryption; false for decryption.

input - Stream containing input data.

output - Stream that receives output of cipher.