Class CryptoDefault

java.lang.Object
pygar.cryptography.CryptoEngine
pygar.cryptography.CryptoDefault

@ThreadSafe
public class CryptoDefault
extends CryptoEngine
CryptoDefault is the default provider for basic cryptographic services. It is a basic implementation of the CryptoEngine using only core Java class components. This class must be instantiated with a reference to a fully initialized Profile object, from which it obtains installation parameters. The current version is thread safe but probably inefficient because it may force more exclusion than is necessary to execute correctly. This should be investigated in the context of the thread safety convention of the underlying Java cryptographic library. The overall system of classes permits the selection of a cryptographic algorithm through a configuration system. However, this default provider may break for some choices of algorithm because it frequently assumes the key and block lengths of the AES algorithm. At this time, the entire library has been tested only with a complementary set of algorithms: AES, RSA, and SHA-1.
  • Field Summary

  • Constructor Summary

    Constructors 
    Constructor Description
    CryptoDefault​(java.lang.String name, Profile p, java.lang.String password)  
  • Method Summary

    Modifier and Type Method Description
    void crypt​(java.io.InputStream in, java.io.OutputStream out, javax.crypto.Cipher cipher)
    Perform a symmetric key encryption or decryption on stream.
    void decryptStream​(java.io.DataInputStream in, java.io.OutputStream out)
    Decrypt the text on the input stream using the current entity's private key and the public key encryption system.
    void encryptStream​(java.lang.String name, java.io.InputStream in, java.io.DataOutputStream out)
    Encrypt clear text from an input stream using Public Key Encryption applying the public key of the named destination and placing the encrypted text on the output stream.
    java.security.PrivateKey getPrivateKey()
    Return the private key of the current entity from the KeyStore
    java.security.PublicKey getPublicKey​(java.lang.String entityName)
    Return the public key of an entity from the KeyStore
    javax.crypto.SecretKey randomKey()
    Generate a random symmetric encryption key.
    void setPassword​(char[] password)
    Supply the password for the keystore used with the CryptoEngine.
    void setPassword​(java.lang.String password)
    Supply the password for the keystore used with the CryptoEngine.
    java.lang.String signText​(java.lang.String text)
    Sign a text string by computing its encrypted value under this entity's private key.
    javax.crypto.SecretKey unwrapSecretKey​(byte[] wrappedKey)
    Unwrap a secret key contained in a byte array using the private key for this entity and return the SecretKeySpec.
    java.security.Key unwrapSecretKeyAlt​(byte[] wrappedKey)
    Use Sun Java SE 6.0 facilities to unwrap a secret key contained in a byte array using the private key for this entity and return the SecretKeySpec - this doesn't work.
    boolean verifySignedText​(java.lang.String name, java.lang.String text, java.lang.String signature)
    Check a signature by decrypting it with the public key of the declared name and comparing the decrypted text with the provided original text.
    byte[] wrapSecretKey​(java.security.Key spec, java.lang.String name)
    Wrap a secret key using the public key of the named entity and return the wrapped key as a byte array.
    byte[] wrapSecretKeyAlt​(java.security.Key spec, java.lang.String name)
    Use Sun Java SE 6.0 facilities to wrap a secret key using the public key of the named entity and return the wrapped key as a byte array - this doesn't work.

    Methods inherited from class pygar.cryptography.CryptoEngine

    byteArrayToHex, hexStringToByteArray

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
  • Constructor Details

    • CryptoDefault

      public CryptoDefault​(java.lang.String name, Profile p, java.lang.String password)
  • Method Details

    • setPassword

      public void setPassword​(java.lang.String password)
      Description copied from class: CryptoEngine
      Supply the password for the keystore used with the CryptoEngine. Generally, this will be available at a later time after the object is created because it might require special actions to supply the password value.
      Specified by:
      setPassword in class CryptoEngine
    • setPassword

      public void setPassword​(char[] password)
      Description copied from class: CryptoEngine
      Supply the password for the keystore used with the CryptoEngine. Generally, this will be available at a later time after the object is created because it might require special actions to supply the password value.
      Specified by:
      setPassword in class CryptoEngine
    • getPublicKey

      public java.security.PublicKey getPublicKey​(java.lang.String entityName) throws KeyNotFound
      Description copied from class: CryptoEngine
      Return the public key of an entity from the KeyStore
      Specified by:
      getPublicKey in class CryptoEngine
      Parameters:
      entityName - name of the entity
      Returns:
      PublicKey
      Throws:
      KeyNotFound
    • getPrivateKey

      public java.security.PrivateKey getPrivateKey() throws java.lang.Exception
      Description copied from class: CryptoEngine
      Return the private key of the current entity from the KeyStore
      Specified by:
      getPrivateKey in class CryptoEngine
      Returns:
      PrivateKey
      Throws:
      KeyNotFound
      java.lang.Exception
    • crypt

      public void crypt​(java.io.InputStream in, java.io.OutputStream out, javax.crypto.Cipher cipher) throws java.io.IOException, java.security.GeneralSecurityException
      Description copied from class: CryptoEngine
      Perform a symmetric key encryption or decryption on stream. In this system, unencrypted data is text but encrypted data is a byte stream.
      Specified by:
      crypt in class CryptoEngine
      Parameters:
      in - input data
      out - output data
      cipher - an object of type Cipher
      Throws:
      java.io.IOException
      java.security.GeneralSecurityException
    • randomKey

      public javax.crypto.SecretKey randomKey()
      Generate a random symmetric encryption key. Such keys are used for the session encryption and also in the practical implementation of public key encryption.
      Specified by:
      randomKey in class CryptoEngine
      Returns:
      SecretKeySpec
    • wrapSecretKeyAlt

      public byte[] wrapSecretKeyAlt​(java.security.Key spec, java.lang.String name)
      Use Sun Java SE 6.0 facilities to wrap a secret key using the public key of the named entity and return the wrapped key as a byte array - this doesn't work.
      Parameters:
      spec - an object that contains an encryption key
      Returns:
      byte[] the wrapped secret key
    • unwrapSecretKeyAlt

      public java.security.Key unwrapSecretKeyAlt​(byte[] wrappedKey)
      Use Sun Java SE 6.0 facilities to unwrap a secret key contained in a byte array using the private key for this entity and return the SecretKeySpec - this doesn't work.
      Parameters:
      wrappedKey - a byte array containing the wrapped key object that contains an encryption key
      Returns:
      SecretKeySpec the secret key
    • wrapSecretKey

      public byte[] wrapSecretKey​(java.security.Key spec, java.lang.String name)
      Wrap a secret key using the public key of the named entity and return the wrapped key as a byte array. This custom code does not use the wrap and unwrap functions of the Java SE 6.0 library. The reason is that the official code does not work properly with keypairs produced by keytool and managed by the KeyStore code. It is simpler to replace wrap and unwrap than to replace the keytool and/or KeyStore capabilities. Unfortunately, however, the code here is a little weird. It works - but it would be hard to prove why. Beware of future changes in the Java SE libraries!
      Specified by:
      wrapSecretKey in class CryptoEngine
      Parameters:
      spec - an object that contains an encryption key
      Returns:
      byte[] the wrapped secret key
    • unwrapSecretKey

      public javax.crypto.SecretKey unwrapSecretKey​(byte[] wrappedKey)
      Unwrap a secret key contained in a byte array using the private key for this entity and return the SecretKeySpec.
      Specified by:
      unwrapSecretKey in class CryptoEngine
      Parameters:
      wrappedKey - a byte array containing the wrapped key object that contains an encryption key
      Returns:
      SecretKeySpec the secret key
    • encryptStream

      public void encryptStream​(java.lang.String name, java.io.InputStream in, java.io.DataOutputStream out) throws java.lang.Exception
      Encrypt clear text from an input stream using Public Key Encryption applying the public key of the named destination and placing the encrypted text on the output stream.
      Specified by:
      encryptStream in class CryptoEngine
      Parameters:
      name -
      in -
      out -
      Throws:
      KeyNotFound
      java.lang.Exception
      java.security.NoSuchAlgorithmException
    • decryptStream

      public void decryptStream​(java.io.DataInputStream in, java.io.OutputStream out) throws java.lang.Exception
      Decrypt the text on the input stream using the current entity's private key and the public key encryption system.
      Specified by:
      decryptStream in class CryptoEngine
      Parameters:
      in -
      out -
      Throws:
      java.lang.Exception
      java.security.NoSuchAlgorithmException
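The hybrid scheme that randomKey, wrapSecretKey, crypt, encryptStream and decryptStream describe, written against the plain JCA as an added example; it is not pygar's code. The OAEP and GCM transformations, the length-prefixed framing and the in-memory key pair are assumptions, since the page names only AES and RSA.

```java
import java.io.*;
import java.security.*;
import javax.crypto.*;
import javax.crypto.spec.*;
public class HybridStreamDemo {
    static final String RSA = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding"; // assumed mode and padding
    static final String AES = "AES/GCM/NoPadding";                     // assumed mode
    static void crypt(InputStream in, OutputStream out, Cipher c) throws Exception {
        byte[] buf = new byte[4096];
        for (int n; (n = in.read(buf)) != -1; ) {
            byte[] part = c.update(buf, 0, n);     // may be null while the cipher buffers
            if (part != null) out.write(part);
        }
        out.write(c.doFinal());                    // GCM: emits the tag, or verifies it on decrypt
    }
    static void encryptStream(PublicKey pub, InputStream in, DataOutputStream out) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey session = kg.generateKey();      // fresh random key for this message only
        Cipher rsa = Cipher.getInstance(RSA);
        rsa.init(Cipher.ENCRYPT_MODE, pub);
        byte[] wrapped = rsa.doFinal(session.getEncoded());
        Cipher aes = Cipher.getInstance(AES);
        aes.init(Cipher.ENCRYPT_MODE, session);    // SunJCE picks a random 12-byte IV
        out.writeInt(wrapped.length);              // constructed framing: length, key, IV, data
        out.write(wrapped);
        out.write(aes.getIV());
        crypt(in, out, aes);
    }
    static void decryptStream(PrivateKey priv, DataInputStream in, OutputStream out) throws Exception {
        int len = in.readInt();                    // untrusted: bound it before allocating
        if (len <= 0 || len > 1024) throw new IOException("implausible wrapped-key length " + len);
        byte[] wrapped = new byte[len], iv = new byte[12];
        in.readFully(wrapped);
        in.readFully(iv);
        Cipher rsa = Cipher.getInstance(RSA);
        rsa.init(Cipher.DECRYPT_MODE, priv);
        SecretKey session = new SecretKeySpec(rsa.doFinal(wrapped), "AES");
        Cipher aes = Cipher.getInstance(AES);
        aes.init(Cipher.DECRYPT_MODE, session, new GCMParameterSpec(128, iv));
        crypt(in, out, aes);
    }
    public static void main(String[] args) throws Exception {
        KeyPair kp = KeyPairGenerator.getInstance("RSA").generateKeyPair(); // stands in for KeyStore entries
        ByteArrayOutputStream ct = new ByteArrayOutputStream(), pt = new ByteArrayOutputStream();
        encryptStream(kp.getPublic(), new ByteArrayInputStream("constructed sample text".getBytes("UTF-8")), new DataOutputStream(ct));
        decryptStream(kp.getPrivate(), new DataInputStream(new ByteArrayInputStream(ct.toByteArray())), pt);
        System.out.println(pt.toString("UTF-8"));
    }
}
```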
    • signText

      public java.lang.String signText​(java.lang.String text)
      Sign a text string by computing its encrypted value under this entity's private key. The signature is generated by the SHA1withRSA algorithm.
      Specified by:
      signText in class CryptoEngine
      Parameters:
      text - the text to be signed
      Returns:
      array of characters representing a digital signature of the input text.
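A hex-encoded SHA1withRSA signature round trip of the kind signText and verifySignedText describe, as an added example using the JCA Signature class rather than pygar's code. toHex and fromHex are local stand-ins for the inherited byteArrayToHex and hexStringToByteArray, and the key pair is generated in memory instead of read from a KeyStore.

```java
import java.security.*;

public class HexSignatureDemo {
    // Algorithm named on this page; SHA-1 is collision-weak, SHA256withRSA is the usual replacement.
    static final String ALG = "SHA1withRSA";

    static String toHex(byte[] b) {
        StringBuilder sb = new StringBuilder(b.length * 2);
        for (byte x : b) sb.append(String.format("%02x", x));
        return sb.toString();
    }

    // Returns null for odd length or any character that is not a hex digit.
    static byte[] fromHex(String s) {
        if (s == null || s.length() % 2 != 0) return null;
        byte[] out = new byte[s.length() / 2];
        for (int i = 0; i < out.length; i++) {
            int hi = Character.digit(s.charAt(2 * i), 16), lo = Character.digit(s.charAt(2 * i + 1), 16);
            if (hi < 0 || lo < 0) return null;
            out[i] = (byte) (hi << 4 | lo);
        }
        return out;
    }

    static String signText(PrivateKey key, String text) throws Exception {
        Signature s = Signature.getInstance(ALG);
        s.initSign(key);
        s.update(text.getBytes("UTF-8"));
        return toHex(s.sign());
    }

    static boolean verifySignedText(PublicKey key, String text, String signature) throws Exception {
        byte[] sig = fromHex(signature);
        if (sig == null) return false;             // malformed hex is a failed check, not an exception
        Signature s = Signature.getInstance(ALG);
        s.initVerify(key);
        s.update(text.getBytes("UTF-8"));
        try { return s.verify(sig); } catch (SignatureException e) { return false; } // e.g. wrong length
    }

    public static void main(String[] args) throws Exception {
        KeyPair kp = KeyPairGenerator.getInstance("RSA").generateKeyPair(); // stands in for KeyStore entries
        String sig = signText(kp.getPrivate(), "constructed message");
        System.out.println(verifySignedText(kp.getPublic(), "constructed message", sig));  // untouched text
        System.out.println(verifySignedText(kp.getPublic(), "constructed messagE", sig));  // altered text
        System.out.println(verifySignedText(kp.getPublic(), "constructed message", "zz")); // malformed hex
    }
}
```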
    • verifySignedText

      public boolean verifySignedText​(java.lang.String name, java.lang.String text, java.lang.String signature)
      Check a signature by decrypting it with the public key of the declared name and comparing the decrypted text with the provided original text. The signature is the hexadecimal representation of the digital signature generated by the SHA1withRSA algorithm.
      Specified by:
      verifySignedText in class CryptoEngine
      Parameters:
      name -
      signature -
      Returns: