|
|||||||||
| Home >> All >> com >> jcorporate >> expresso >> core >> security >> [ strongencryption overview ] | PREV CLASS NEXT CLASS | ||||||||
SUMMARY:  JAVADOC |  SOURCE |  DOWNLOAD | NESTED | FIELD | CONSTR | METHOD |
DETAIL: FIELD | CONSTR | METHOD | ||||||||
com.jcorporate.expresso.core.security.strongencryption
Class StringEncryption
java.lang.Objectcom.jcorporate.expresso.core.security.AbstractStringEncryption
- public class StringEncryption
- extends com.jcorporate.expresso.core.security.AbstractStringEncryption
StringEncryption.java
Copyright 2000, 2001 Jcorporate Ltd.
This class provides basic string encryption. It'll provide the services of password whitening and automatic selection of encryption.
Known Vulnerabilities. The actual whitened password remains in memory for performance sake. An attacker may find the actual password by looking at swap files looking for Base64 encoded strings. (Not too hard to grep out) but it requires an attacker to gain access to the swap partition of the server. Do not use this class for a personal encryption program.
Byte Array Format Information:
An encrypted string has the following format:
Byte 0: File Version Number(whole number only)
Bytes 1-6: 3 character desgination for the encryption mode used. UTF-16 BE
Bytes 7-14/22: The 8/16 byte random input vector to the encrypted system.
Bytes 15+/23++ : The Actual Encrypted Data
| Field Summary | |
protected static com.jcorporate.expresso.core.misc.ByteArrayCounter |
ivCounter128
|
protected static com.jcorporate.expresso.core.misc.ByteArrayCounter |
ivCounter64
|
private java.util.Hashtable |
ivMap
|
private java.util.Hashtable |
keyMap
An array of prepared secret keys depending on the mode required. |
private static org.apache.log4j.Logger |
log
|
private static java.lang.String[] |
methodKeys
|
private java.util.Hashtable |
modeMap
a way to quickly get the mode we're going to use. |
private static java.lang.String[] |
modes
An array of modes used here. |
private static java.lang.String |
PROVIDER_NAME
|
(package private) boolean |
providerAlreadyInstalled
|
private java.security.Provider |
theProvider
|
| Fields inherited from class com.jcorporate.expresso.core.security.AbstractStringEncryption |
|
| Constructor Summary | |
StringEncryption()
class for encapsulating encryption. |
|
| Method Summary | |
byte[] |
decrypt(byte[] inputData)
Same as decryptString, but only deals in byte arrays. |
void |
destroy()
Unregisters the cryptographic handler |
byte[] |
encrypt(byte[] inputData)
Same as encryptString, but only deals in byte arrays. |
byte[] |
encrypt(byte[] inputData,
java.lang.String theShortCipherString)
Encrypts a byte array of data based upon the method desired. |
void |
init()
|
private void |
jbInit()
|
| Methods inherited from class com.jcorporate.expresso.core.security.AbstractStringEncryption |
decryptString, encryptString, getCryptoManager, getPreparedPassKey, preparePassKey, setCryptoManager |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Field Detail |
ivCounter64
protected static com.jcorporate.expresso.core.misc.ByteArrayCounter ivCounter64
ivCounter128
protected static com.jcorporate.expresso.core.misc.ByteArrayCounter ivCounter128
log
private static final org.apache.log4j.Logger log
keyMap
private java.util.Hashtable keyMap
- An array of prepared secret keys depending on the mode required.
modeMap
private java.util.Hashtable modeMap
- a way to quickly get the mode we're going to use.
modes
private static final java.lang.String[] modes
- An array of modes used here.
methodKeys
private static final java.lang.String[] methodKeys
ivMap
private java.util.Hashtable ivMap
PROVIDER_NAME
private static final java.lang.String PROVIDER_NAME
- See Also:
- Constant Field Values
theProvider
private java.security.Provider theProvider
providerAlreadyInstalled
boolean providerAlreadyInstalled
| Constructor Detail |
StringEncryption
public StringEncryption()
- class for encapsulating encryption.
constructor will throw if JCE jar is not found; see Ant target 'get-crypto'
for easy means to download appropriate crypto library. it is under
export restriction, so it cannot be added to the expresso library as
publicly distributed
| Method Detail |
init
public void init()
throws com.jcorporate.expresso.kernel.exception.ChainedException
destroy
public void destroy()
- Unregisters the cryptographic handler
decrypt
public byte[] decrypt(byte[] inputData)
throws com.jcorporate.expresso.kernel.exception.ChainedException
- Same as decryptString, but only deals in byte arrays. This method must be
implemented by descendants of this class.
encrypt
public byte[] encrypt(byte[] inputData,
java.lang.String theShortCipherString)
throws com.jcorporate.expresso.kernel.exception.ChainedException
- Encrypts a byte array of data based upon the method desired. See the main
notes for this class for valid encryptMethod strings.
Note that a similar decrypt is not needed because the encryptMethod is included
in the header of the encrypted byte array.
encrypt
public byte[] encrypt(byte[] inputData)
throws com.jcorporate.expresso.kernel.exception.ChainedException
- Same as encryptString, but only deals in byte arrays. This must be implemented
by the descendants of this class.
jbInit
private void jbInit()
throws java.lang.Exception
|
|||||||||
| Home >> All >> com >> jcorporate >> expresso >> core >> security >> [ strongencryption overview ] | PREV CLASS NEXT CLASS | ||||||||
|
SUMMARY: JAVADOC | SOURCE | DOWNLOAD | NESTED | FIELD | CONSTR | METHOD |
DETAIL: FIELD | CONSTR | METHOD | ||||||||