All Packages Class Hierarchy This Package Previous Next Index
Class semper.crypto.CRMModule
java.lang.Object
|
+----semper.crypto.CRMModule
- public class CRMModule
- extends Object
Module supplying cryptographic services based on CRM's cryptotools.
All services can be used by static calls. The module provides implementations
of the cryptographic services needed by the manager.
- Version:
- $Revision: 1.8 $ $Date: 1997/11/05 14:24:36 $
- Author:
- Torben Pedersen ([email protected])
-
CRMModule()
- Constructor for module.
-
decipher(int, int, byte[], int, byte[], byte[])
- Decipher an array of bytes using the symmetric algorithm
described by alg.
-
encipher(int, int, byte[], int, byte[], byte[])
- Encipher an array of bytes using the symmetric algorithm described by alg.
-
generateHash(int, byte[], int, byte[])
-
-
generateMAC(int, int, byte[], int, byte[], byte[])
- Generate a MAC.
-
generatePubKeyPair(int, int, int, byte[], int, byte[], byte[], byte[])
- Generate a random public key pair.
-
generateSignature(int, int, byte[], int, byte[], byte[], byte[])
- Sign a string.
-
generateSymKey(int, byte[], int, byte[])
- Generate a random symmetric key.
-
getRandomBytes(int, byte[])
- Method for obtaining a required number of random bytes.
-
initModule(byte[], int)
- Method for initialising PRG of module.
-
pkDecipher(int, int, int, byte[], byte[], byte[], byte[])
- Decipher an encrypted conventional key using an asymmetric crypto system
-
pkEncipher(int, int, int, byte[], boolean, byte[], byte[], byte[])
- Encrypts a key to a conventional system under a public key.
-
verifyMAC(int, int, byte[], int, byte[], byte[])
- Verify a MAC.
-
verifySignature(int, int, byte[], int, byte[], byte[], byte[])
- Verify a signature.
-
whichAlgs(int, int[])
- Gives information of supported algorithms.
CRMModule
public CRMModule()
- Constructor for module. Should not be used as all services can be used by
static calls. This constructor does not do anything at all.
initModule
public static native int initModule(byte seed[],
int seedLength)
- Method for initialising PRG of module.
- Parameters:
- seed - is a random string for initialising PRG
- seedLenght - is the lenght of the seed
- Returns:
- return code indicating the result of initialisation (0 success)
getRandomBytes
public static native int getRandomBytes(int length,
byte randomBytes[])
- Method for obtaining a required number of random bytes.
This method assumes that the module has been initialised. Otherwise an
error is returned.
- Parameters:
- lenght - is the number of bytes requested
- randomBytes - coontains the random bytes
- Returns:
- return code indicating the result (0 success)
generateSymKey
public static native int generateSymKey(int alg,
byte seed[],
int seedLength,
byte symKey[])
- Generate a random symmetric key.
A key for use by a symmetric algorithm is generated and returned. The key
generation will be based on the PRG of the module. However, if a seed is
provided this will be used instead. If the module has not been initialised
and no seed is provided an error is returned
- Parameters:
- alg, - an integer identifying the symmetric algorithm for which
a key is requested
- seed - is the random seed needed for the key generation
- seedLength - is the length of the seed
- symKey, - a byte array containing the symmetric key
- Returns:
- 0 indicates succes. Error possibilities (wrong alg identifier)
- See Also:
- initModule
generatePubKeyPair
public static native int generatePubKeyPair(int alg,
int keyInf,
int keyLength,
byte seed[],
int seedLength,
byte commonKey[],
byte secKey[],
byte pubKey[])
- Generate a random public key pair.
A key pair for use by an asymmetric algorithm is generated and returned.The
key generation will be based on the PRG of the module. However, if a seed is
provided this will be used instead. If the module has not been initialised
and no seed is provided an error is returned
- Parameters:
- alg - the asymmetric algorithm for which a key pair is requested
- keyInf - may be used to describe further requirements on the key
(RSA: restrictions on the exponent; DSS: whether a given common
part should be used or a new generated)
- keyLength - indicates the length of the key
- seed - is the random seed needed for the key generation
- seedLength - is the length of the seed
- commonKey - contains a part of a public key which is generated
beforehand and is common to many users (e.g., parameters
describing the group in case of DL based systems)
- secKey, - a byte array containing the secret key
- pubKey - is a byte array containing the public key
- Returns:
- integer return code
- See Also:
- initModule
generateHash
public static native int generateHash(int alg,
byte message[],
int messageLength,
byte hashVal[])
encipher
public static native int encipher(int alg,
int paddingMode,
byte message[],
int messageLength,
byte key[],
byte cipher[])
- Encipher an array of bytes using the symmetric algorithm described by alg.
- Parameters:
- alg - identifies the symmetric algorithm to be used
- paddingMode - inicates the method for padding
- message - the message to encipher
- messageLength - is the length of the message in bytes (0
indicates that message is the name of a file to be encrypted)
- key - is the symmetric key to be used of the encryption
- cipher - contains the resulting cipher text (if messageLength is
0 cipher must specify a file)
- Returns:
- return code (0 if successful=
- See Also:
- decipher, pkEncipher
decipher
public static native int decipher(int alg,
int paddingMode,
byte cipher[],
int cipherLength,
byte key[],
byte message[])
- Decipher an array of bytes using the symmetric algorithm
described by alg.
- Parameters:
- alg - identifies the algorithm to be used
- paddingMode - inicates the method for padding
- cipher - contains the cipher text
- cipherLength - is the length of the message in bytes (0
indicates that message is the name of a file to be decrypted)
- key - is the symmetric key to be used of the decryption
- message - is the message recovered in clear text (if cipherLength
is 0 message must specify a file)
- Returns:
- return code (0 if successful). The return code gives the number
of padding bits, which have been stripped of.
- See Also:
- encipher
pkEncipher
public static native int pkEncipher(int pubKeyAlg,
int keyEncMode,
int convAlg,
byte convKey[],
boolean makeConvKey,
byte commonKey[],
byte pubkey[],
byte pubCipher[])
- Encrypts a key to a conventional system under a public key. The key may either be supplied as input or the function will generate one and return it.
- Parameters:
- pubKeyAlg - identifies the asymmetric algorithm to be used
- keyEncMode - specifies the padding of the key when encrypted
- convAlg - identifies the symmetric algorithm to be used (may be 0
if the key is given as input)
- convKey - is the key to be encrypted. Always contains the key in
clear afterwards.
- makeConvKey - flag telling if a new key should be generated (true)
or the one supplied in convKey should be encrypted.
- commonKey - is the common part of a public key
- pubKey - is the public key to be used
- pubCipher - contains the encryption under public key system
(of a the key in convKey)
- Returns:
- return code (0 if successful)
- See Also:
- generatePubKeyPair, decipher, pkDecipher
pkDecipher
public static native int pkDecipher(int pubKeyAlg,
int keyEncMode,
int convAlg,
byte pubCipher[],
byte commonKey[],
byte secKey[],
byte convKey[])
- Decipher an encrypted conventional key using an asymmetric crypto system
- Parameters:
- pubKeyAlg - identifies the asymmetric algorithm to be used
- keyEncMode - specifies the padding of the data key
- convAlg - describes the conventional algorithm corresponding to
the key
- pubCipher - contains the encryption under the public key
indicates that message is the name of a file to be decrypted)
- commonKey - is the common paart of the secret key
- secKey - is the secret key to be used for decryption
- convKey - the key recovered in clear text
- Returns:
- return code (0 if successful)
- See Also:
- pkEncipher
generateSignature
public static native int generateSignature(int signatureAlg,
int hashAlg,
byte message[],
int messageLength,
byte commonKey[],
byte secKey[],
byte signature[])
- Sign a string.
A digital signature is applied to the message using a secret signature
key.
- Parameters:
- signatureAlg - identifies the signature algorithm to be used
- hashAlg - identifies the hash algorithm to be used (0
indicates no hashing)
- message - is a byte array containing the message
- messageLength - is the length of the message in bytes (0
indicates that message is the name of a file to be signed)
- commonKey - is the common paart of the secret key
- secKey - is a byte array containing the secret key
- signature - is a byte array containing the digital signature
(if the message is a file and no hash algorithm is chosen, the
signature must be writte to a file)
- Returns:
- an integer encoding possible errors (0 for success)
- See Also:
- verifySignature
verifySignature
public static native int verifySignature(int signatureAlg,
int hashAlg,
byte message[],
int messageLength,
byte signature[],
byte commonKey[],
byte pubKey[])
- Verify a signature.
A digital signature on a message is verified using a public signature
key.
- Parameters:
- signatureAlg - identifies the signature algorithm to be used
- hashAlg - identifies the hash algorithm to be used (0
indicates no hashing)
- message - the message on which to verify a signature
- messageLength - is the length of the message in bytes (0
indicates that message is the name of a file)
- signature - is a byte array containing the digital signature
(if the message is a file and no hash algorithm is chosen, the
signature must be a file)
- commonKey - is the common part of the public key
- pubKey - is a byte array containing the secret key
- Returns:
- an integer encoding possible errors
0: signature good
1: all computations succeeded, but signature didn't verify
other values to be defined
- See Also:
- generateSignature
generateMAC
public static native int generateMAC(int MACalg,
int convAlg,
byte message[],
int messageLength,
byte MACVal[],
byte key[])
- Generate a MAC.
A message authentication code is generated on a message using a symmetric key.
- Parameters:
- MACalg - identifies the algorithm to be used (this also defines
the possible padding of the mess)
- convAlg - identifies the conventional algorithm to be used (in
case this is needed by the algorithm defined by MACalg)
- message - the message on which to generate a MAC
- messageLength - is the length of the message in bytes (0
indicates that message is the name of a file)
- MACVal - the MAC value
- key - an array of bytes with the conventional key
- Returns:
- an integer encoding possible errors (0 for success)
- See Also:
- verifyMAC
verifyMAC
public static native int verifyMAC(int MACalg,
int convAlg,
byte message[],
int messageLength,
byte MAC[],
byte key[])
- Verify a MAC.
A message authentication code is verified using a symmetric key
key.
- Parameters:
- MACalg - identifies the algorithm to be used
- convAlg - identifies the conventional algorithm to be used (in
case this is needed by the algorithm defined by MACalg)
- message - the message on which to verify the MAC
- messageLength - is the length of the message in bytes (0
indicates that message is the name of a file)
- MAC - the MAC to verify
- key - describes the key to be used
- Returns:
- an integer encoding the result of the verification (same encoding
as for signature verification)
- See Also:
- verifySignature, generateMAC
whichAlgs
public static native int whichAlgs(int secService,
int algorithms[])
- Gives information of supported algorithms.
The security services are encoded as follows.
0: Conventional krypto system
1: MAC algorithm
2: Public key de/encryption
3: Methods for making signatures
4: Hash functions
- Parameters:
- secService - is an integer describing the security service for
which the algorithms should be used
- algorithms - is an array of integers describing the supported
algorithms (at most 10)
- Returns:
- the number of algorithms supported
All Packages Class Hierarchy This Package Previous Next Index