Class semper.crypto.CryptoMan
All Packages Class Hierarchy This Package Previous Next Index
Class semper.crypto.CryptoMan
java.lang.Object
|
+----semper.crypto.CryptoMan
- public class CryptoMan
- extends Object
- implements CryptoConstants
CryptoMan
- Version:
- $Revision: 1.21 $ $Date: 1996/09/20 07:26:56 $
- Author:
- Jesper Drud Nielsen ([email protected]), Torben Pedersen ([email protected])
-
CryptoMan()
- Instantiation of this class is prevented by throwing an exception.
-
decipher(byte[], boolean, int, CryptoKeyInfo)
- Decipher an array of bytes using the algorithm described by keyInfo.
-
encipher(byte[], boolean, int, CryptoKeyInfo)
- Encipher a message using the algorithm described by keyInfo.
-
generateHash(int, byte[], boolean)
- Hash a string.
-
generateMAC(byte[], boolean, int, CryptoKeyInfo)
- Generate a MAC.
-
generateMasterKey(CryptoKeyInfo)
- Method for generating and installing a masterkey.
-
generatePubKeyPair(int, byte[], CryptoKeyInfo, CryptoKeyInfo, CryptoKeyInfo)
- Generate a random public key pair.
-
generateSignature(byte[], boolean, CryptoKeyInfo, int)
- Sign a string.
-
generateSymKey(int, byte[])
- Generate a random symmetric key.
-
getLength(int)
- Returns the maximal lenght of a key of the algorithm.
-
init()
- Initialises the CryptoManager:
- intialises the pseudo random generator.
-
initConstInt()
- Initialises the vector of integers of the available methods for key exchange
-
initConstString()
- Initialises the vector of descriptions of the available methods for key exchange
-
int2Str(int)
- Converts a constant to a string describing the constant.
-
isInitialised()
- Tells whether CryptoMan is initialised.
-
masterKeyDecrypt(byte[])
- Decrypts the input under masterKey
-
masterKeyEncrypt(byte[])
- Encrypts the input under the master key (used to encrypt keys before being
stored.
-
pkDecipher(byte[], CryptoKeyInfo, int, int)
- Decipher an encrypted key using the algorithm described by keyInfo.
-
pkEncipher(CryptoKeyInfo, boolean, CryptoKeyInfo, int)
- Encipher a conventional key using the asymmetric algorithm described by keyInfo.
-
randomBytes(int)
- Returns an array of random bytes.
-
signatureLength(int)
- Returns the maximal lenght of a signature using the algorithm
-
str2Int(String)
- Converts a String to a constant
The conversion is based on two vectors which must have been initialised.
-
updateMasterKey(CryptoKeyInfo)
- Decrypt the masterKey under a key derived from the password.
-
verifyMAC(byte[], boolean, int, byte[], CryptoKeyInfo)
- Verify a MAC.
-
verifySignature(byte[], boolean, byte[], CryptoKeyInfo, int)
- Verify a signature.
-
whichAlgs(int)
- Gives information of supported algorithms.
CryptoMan
public CryptoMan() throws CryptoManException
- Instantiation of this class is prevented by throwing an exception.
- Throws: CryptoManException
- if this method is called
isInitialised
public static boolean isInitialised()
- Tells whether CryptoMan is initialised.
The CryptoMan is initialised when CryptoMan.init() has been called
- Returns:
- s true if CryptoMan has been called, false otherwise.
init
public static void init() throws CryptoManException
- Initialises the CryptoManager:
- intialises the pseudo random generator.
- retrieves the list of available modules
- loads preferred module (based on the preferences)
The user must enter a seed during initialisation. Subsequently no seed is
need. However, if a seed is entered during initialisation it is combined
with the stored one.
As only one module is available in this version, the last items are not
supported.
- Returns:
- void
- Throws: CryptoManException
- if a seed is needed or the userId is missing
randomBytes
public static byte[] randomBytes(int length) throws CryptoManException
- Returns an array of random bytes.
- Parameters:
- length - is requested number of bytes
- Returns:
- an array of random bytes
- Throws: CryptoManException
- if the module is not initialised
generateSymKey
public static CryptoKeyInfo generateSymKey(int alg,
byte seed[]) throws CryptoManException
- Generate a random symmetric key.
A key for use by a symmetric algorithm is generated and returned.
A key identifier is associated with the key. It is of the following form:
"CryptoKeyInfo___".
The serial number is obtained from archive and the algorithm is
int2Str(alg).
- Parameters:
- alg - the symmetric algorithm for which a key is requested
- seed - (optional) is used as random seed for the key generation.
If no seed (at least 16 byts) is supplied a seed
generated by the PRG will be used
- Returns:
- a cryptographic key token containing the random key
- Throws: CryptoManException
- if the algorithm is not suported or an error occured in the module
- See Also:
- randomBytes
generatePubKeyPair
public static void generatePubKeyPair(int alg,
byte seed[],
CryptoKeyInfo commonKeyInfo,
CryptoKeyInfo secKeyInfo,
CryptoKeyInfo pubKeyInfo) throws CryptoManException
- Generate a random public key pair.
A key pair for use by an asymmetric algorithm is generated and returned.
A key identifier is associated with the key. It is of the following form:
"CryptoKeyInfo____", where
is "sk", "pk" or "ck" depending on whether the key is secret, public or
common.
The serial number is obtained from archive and the algorithm is
int2Str(alg).
The identity of commonKeyInfo is only set if a new common part is generated.
- Parameters:
- alg - the asymmetric algorithm for which a key pair is requested
- seed - is the seed to be used. If no seed supplied (null or
seed.length == 0) the CryptoModule will use its own PRG)
- commonKeyInfo - contains common part of the publie key (e.g., a
description of the group in case of DL based schemes). If such
a value is supplied as input the keys will be generated with
respect to this common part)
- secKeyInfo - the generated secret key (contains a pointer to
commonKeyInfo if appropriate)
- pubKeyInfo - the generated public key (contains a pointer to
commonKeyInfo if appropriate)
- Returns:
- void
- Throws: CryptoManException
- if the algorithm is not supported or an error occured in the module
- See Also:
- CRMModule
generateHash
public static byte[] generateHash(int alg,
byte message[],
boolean fileInput) throws CryptoManException
- Hash a string.
The string is hashed using a hash algorithm.
- Parameters:
- alg - the hash algorithm
- message - the message to hash
- if - true the message is the name of file to be hashed
- Returns:
- the hash value
- Throws: CryptoManException
- if the algorithm is not supported or an error occured in the module
encipher
public static byte[] encipher(byte message[],
boolean fileEncryption,
int msgPadding,
CryptoKeyInfo keyInfo) throws CryptoManException
- Encipher a message using the algorithm described by keyInfo.
- Parameters:
- message - the message to encipher or filename of cleartext
- fileEncryption - is a boolean indicating if input/output is
from/to files. If fileEncryption is requested message is the
name of the input file.
- msgPadding - indicates how the message is padded before encryption
- keyInfo - the key token identifying the algorithm and key to be
used
- Returns:
- the enciphered string (if file encryption the name of the
String
- Throws: CryptoManException
- if encryption failed or some input is missing
- See Also:
- decipher, pkEncipher
decipher
public static byte[] decipher(byte cipher[],
boolean fileDecryption,
int msgPadding,
CryptoKeyInfo keyInfo) throws CryptoManException
- Decipher an array of bytes using the algorithm described by keyInfo.
- Parameters:
- cipher - the (ciphered) message to decipher
- fileDecryption - is a boolean indicating if input/output is
from/to files. If fileDecryption is requested cipher is the
name of the input file.
- msgPadding - indicates how the message is padded before encryption
- keyInfo - the key token identifying the algorithm and key
- Returns:
- the deciphered string
- Throws: CryptoManException
- if decryption failed
- See Also:
- encipher
pkEncipher
public static byte[] pkEncipher(CryptoKeyInfo convKeyInfo,
boolean makeConvKey,
CryptoKeyInfo pubKeyInfo,
int keyEncryption) throws CryptoManException
- Encipher a conventional key using the asymmetric algorithm described by keyInfo.
- Parameters:
- convKeyInfo - contains the symmetric key in clear to be enciphered
(possibly generated by pkEncipher and returned in convKeyInfo)
- makeKeyInfo - if true a new symmetric key is generated
(corresponding to the algorithm designated by convKeyInfo)
- pubKeyInfo - is the public key to be used
- keyEncryption - describes how the conventional key is embedded in
a block for public key encryption
- Returns:
- the enciphered key
- Throws: CryptoManException
- if pubKeyInfo is missing or an error occurs in the module
- See Also:
- encipher, pkDecipher
pkDecipher
public static byte[] pkDecipher(byte cipher[],
CryptoKeyInfo keyInfo,
int keyEncryption,
int convAlg) throws CryptoManException
- Decipher an encrypted key using the algorithm described by keyInfo.
- Parameters:
- cipher - the (ciphered) message to decipher
- keyInfo - the key token identifying the algorithm and key
- keyEncryption - describes how the conventional key is embedded in
a block for public key encryption
- convAlg - designates the conventional algorithm corresponding to the encrypted key
- Returns:
- the deciphered string
- Throws: CryptoManException
- if decryption failed
- See Also:
- pkEncipher, decipher
generateSignature
public static byte[] generateSignature(byte message[],
boolean fileInput,
CryptoKeyInfo signatureKeyInfo,
int hashAlg) throws CryptoManException
- Sign a string.
A digital signature is applied to the message using a secret signature
key.
- Parameters:
- message - the message on which to generate a signature
- fileInput - indicates if message is the name of a file to be signed
- keyInfo - the key token identifying the signature algorithm and secret key
- hashAlg - indicates the hashing algorithm to be used
- Returns:
- the digital signature
- Throws: CryptoManException
- if the algorithm is not supported or an error in module
- See Also:
- verifySignature
verifySignature
public static boolean verifySignature(byte message[],
boolean fileInput,
byte signature[],
CryptoKeyInfo keyInfo,
int hashAlg) throws CryptoManException
- Verify a signature.
A digital signature on a message is verified using a public signature
key.
- Parameters:
- message - the message on which to verify a signature
- fileInput - indicates if message is the name of a file to be signed
- signature - the digital signature
- keyInfo - the key token identifying the signature algorithm and public key
- hashAlg - defines the hashing algorithm to be used
- Returns:
- true if signature valid, otherwise false
- Throws: CryptoManException
- if the algorithm is not supported or an error in module
- See Also:
- generateSignature
generateMAC
public static byte[] generateMAC(byte message[],
boolean fileInput,
int MACalg,
CryptoKeyInfo keyInfo) throws CryptoManException
- Generate a MAC.
A message authentication code is generated on a message using a symmetric key.
- Parameters:
- message - the message on which to generate a MAC
- fileInput - is true if message is the name of a file
- MACalg - designates the MAC algorithm
- keyInfo - the key token identifying the MAC algorithm and key
- Returns:
- the MAC string
- Throws: CryptoManException
- if the algorithm is not supported, a key is missing or an error in module
- See Also:
- verifyMAC
verifyMAC
public static boolean verifyMAC(byte message[],
boolean fileInput,
int MACalg,
byte MAC[],
CryptoKeyInfo keyInfo) throws CryptoManException
- Verify a MAC.
A message authentication code is verified using a symmetric key
key.
- Parameters:
- message - the message on which to verify the MAC
- fileInput - is true if message is the name of a file
- MACalg - designates the MAC algorithm
- MAC - the MAC to verify
- keyInfo - the key token identifying the MAC algorithm and key
- Returns:
- true if MAC valid, otherwise false
- Throws: CryptoManException
- if the algorithm is not supported, a key is missing or an error in module
- See Also:
- generateMAC
whichAlgs
public static Vector whichAlgs(int secService)
- Gives information of supported algorithms.
The security services supported by CryptoMan aare encoded as follows.
o: Conventional krypto system
1: MAC algorithm
2: Public key de/encryption
3: Methods for making signatures
4: Hash functions
- Parameters:
- secService - describes the service
- Returns:
- a vector of algorithms implementing the requested service
getLength
public static int getLength(int algId) throws CryptoManException
- Returns the maximal lenght of a key of the algorithm.
- Parameters:
- algId - the algorithm for which the maximal key length is requested
- Returns:
- lenght of keys (representation) for the algorithm
- Throws: CryptoManException
- if the algorithm is not supported
signatureLength
public static int signatureLength(int algId) throws CryptoManException
- Returns the maximal lenght of a signature using the algorithm
- Parameters:
- algId - the algorithm for which the maximal signature length is requested
- Returns:
- maximal length of the signature
- Throws: CryptoManException
- if the algorithm is not supported
generateMasterKey
public static void generateMasterKey(CryptoKeyInfo passwdKeyInfo) throws CryptoManException
- Method for generating and installing a masterkey.
Generates a DES key to be used as a master key. The attribute masterKey is
updated as part of this. The actual key value is encrypted under the
password and stored in archive
- Parameters:
- passwordKeyInfo - protects the master key
- Throws: CryptoManException
- in case of errors when generating or storing the key
- See Also:
- generateSymKey
updateMasterKey
public static void updateMasterKey(CryptoKeyInfo passwdKeyInfo) throws CryptoManException
- Decrypt the masterKey under a key derived from the password.
This function requires that the masterKey object has been retrieved from
archive.
- Parameters:
- passwdKeyInfo - protects the master key
- Throws: CryptoManException
- if the key cannot be decrypted
- See Also:
- getKeyVal
masterKeyEncrypt
public static byte[] masterKeyEncrypt(byte keyBytes[]) throws CryptoManException
- Encrypts the input under the master key (used to encrypt keys before being
stored.
- Parameters:
- keyBytes - is the byte array corresponding ot the key to be encrypted
- Returns:
- byte array with the encrypted key
- Throws: CryptoManException
- if the encryption fails
- See Also:
- masterKeyDecrypt
masterKeyDecrypt
public static byte[] masterKeyDecrypt(byte encryptedKey[]) throws CryptoManException
- Decrypts the input under masterKey
- Parameters:
- encryptedKey - is the byte array corresponding to the encrypted key
- Returns:
- byte array with the key
- Throws: CryptoManException
- if the decryption fails
- See Also:
- masterKeyEncrypt
initConstString
public static void initConstString()
- Initialises the vector of descriptions of the available methods for key exchange
initConstInt
public static void initConstInt()
- Initialises the vector of integers of the available methods for key exchange
int2Str
public static String int2Str(int elem)
- Converts a constant to a string describing the constant.
The conversion is based on two vectors which must have been initialised.
- Parameters:
- elem - is the integer constant
- Returns:
- string describning the constant (null if the constant is not defined)
- See Also:
- initConstString, initConstInt
str2Int
public static int str2Int(String str)
- Converts a String to a constant
The conversion is based on two vectors which must have been initialised.
- Parameters:
- str - is the string constant
- Returns:
- the corresponding integer (0 if the str does not define a constant)
- See Also:
- initConstString, initConstInt
All Packages Class Hierarchy This Package Previous Next Index