Class semper.crypto.CRMModule
All Packages Class Hierarchy This Package Previous Next Index
Class semper.crypto.CRMModule
java.lang.Object
|
+----semper.crypto.CRMModule
- public class CRMModule
- extends Object
Module supplying cryptographic services based on CRM's cryptotools.
All services can be used by static calls. The module provides implementations
of the cryptographic services needed by the manager.
- Version:
- $Revision: 1.6 $ $Date: 1997/01/27 15:04:07 $
- Author:
- Torben Pedersen ([email protected])
-
CRMModule()
- Constructor for module.
-
decipher(int, int, byte[], int, byte[], byte[])
- Decipher an array of bytes using the symmetric algorithm
described by alg.
-
encipher(int, int, byte[], int, byte[], byte[])
- Encipher an array of bytes using the symmetric algorithm described by alg.
-
generateHash(int, byte[], int, byte[])
-
-
generateMAC(int, int, byte[], int, byte[], byte[])
- Generate a MAC.
-
generatePubKeyPair(int, int, int, byte[], int, byte[], byte[], byte[])
- Generate a random public key pair.
-
generateSignature(int, int, byte[], int, byte[], byte[], byte[])
- Sign a string.
-
generateSymKey(int, byte[], int, byte[])
- Generate a random symmetric key.
-
getRandomBytes(int, byte[])
- Method for obtaining a required number of random bytes.
-
initModule(byte[], int)
- Method for initialising PRG of module.
-
pkDecipher(int, int, int, byte[], byte[], byte[], byte[])
- Decipher an encrypted conventional key using an asymmetric crypto system
-
pkEncipher(int, int, int, byte[], boolean, byte[], byte[], byte[])
- Encrypts a key to a conventional system under a public key.
-
verifyMAC(int, int, byte[], int, byte[], byte[])
- Verify a MAC.
-
verifySignature(int, int, byte[], int, byte[], byte[], byte[])
- Verify a signature.
-
whichAlgs(int, int[])
- Gives information of supported algorithms.
CRMModule
public CRMModule()
- Constructor for module. Should not be used as all services can be used by
static calls. This constructor does not do anything at all.
initModule
public static int initModule(byte seed[],
int seedLength)
- Method for initialising PRG of module.
- Parameters:
- seed - is a random string for initialising PRG
- seedLenght - is the lenght of the seed
- Returns:
- return code indicating the result of initialisation (0 success)
getRandomBytes
public static int getRandomBytes(int length,
byte randomBytes[])
- Method for obtaining a required number of random bytes.
This method assumes that the module has been initialised. Otherwise an
error is returned.
- Parameters:
- lenght - is the number of bytes requested
- randomBytes - coontains the random bytes
- Returns:
- return code indicating the result (0 success)
generateSymKey
public static int generateSymKey(int alg,
byte seed[],
int seedLength,
byte symKey[])
- Generate a random symmetric key.
A key for use by a symmetric algorithm is generated and returned. The key
generation will be based on the PRG of the module. However, if a seed is
provided this will be used instead. If the module has not been initialised
and no seed is provided an error is returned
- Parameters:
- alg, - an integer identifying the symmetric algorithm for which
a key is requested
- seed - is the random seed needed for the key generation
- seedLength - is the length of the seed
- symKey, - a byte array containing the symmetric key
- Returns:
- 0 indicates succes. Error possibilities (wrong alg identifier)
- See Also:
- initModule
generatePubKeyPair
public static int generatePubKeyPair(int alg,
int keyInf,
int keyLength,
byte seed[],
int seedLength,
byte commonKey[],
byte secKey[],
byte pubKey[])
- Generate a random public key pair.
A key pair for use by an asymmetric algorithm is generated and returned.The
key generation will be based on the PRG of the module. However, if a seed is
provided this will be used instead. If the module has not been initialised
and no seed is provided an error is returned
- Parameters:
- alg - the asymmetric algorithm for which a key pair is requested
- keyInf - may be used to describe further requirements on the key
(RSA: restrictions on the exponent; DSS: whether a given common
part should be used or a new generated)
- keyLength - indicates the length of the key
- seed - is the random seed needed for the key generation
- seedLength - is the length of the seed
- commonKey - contains a part of a public key which is generated
beforehand and is common to many users (e.g., parameters
describing the group in case of DL based systems)
- secKey, - a byte array containing the secret key
- pubKey - is a byte array containing the public key
- Returns:
- integer return code
- See Also:
- initModule
generateHash
public static int generateHash(int alg,
byte message[],
int messageLength,
byte hashVal[])
encipher
public static int encipher(int alg,
int paddingMode,
byte message[],
int messageLength,
byte key[],
byte cipher[])
- Encipher an array of bytes using the symmetric algorithm described by alg.
- Parameters:
- alg - identifies the symmetric algorithm to be used
- paddingMode - inicates the method for padding
- message - the message to encipher
- messageLength - is the length of the message in bytes (0
indicates that message is the name of a file to be encrypted)
- key - is the symmetric key to be used of the encryption
- cipher - contains the resulting cipher text (if messageLength is
0 cipher must specify a file)
- Returns:
- return code (0 if successful=
- See Also:
- decipher, pkEncipher
decipher
public static int decipher(int alg,
int paddingMode,
byte cipher[],
int cipherLength,
byte key[],
byte message[])
- Decipher an array of bytes using the symmetric algorithm
described by alg.
- Parameters:
- alg - identifies the algorithm to be used
- paddingMode - inicates the method for padding
- cipher - contains the cipher text
- cipherLength - is the length of the message in bytes (0
indicates that message is the name of a file to be decrypted)
- key - is the symmetric key to be used of the decryption
- message - is the message recovered in clear text (if cipherLength
is 0 message must specify a file)
- Returns:
- return code (0 if successful). The return code gives the number
of padding bits, which have been stripped of.
- See Also:
- encipher
pkEncipher
public static int pkEncipher(int pubKeyAlg,
int keyEncMode,
int convAlg,
byte convKey[],
boolean makeConvKey,
byte commonKey[],
byte pubkey[],
byte pubCipher[])
- Encrypts a key to a conventional system under a public key. The key may either be supplied as input or the function will generate one and return it.
- Parameters:
- pubKeyAlg - identifies the asymmetric algorithm to be used
- keyEncMode - specifies the padding of the key when encrypted
- convAlg - identifies the symmetric algorithm to be used (may be 0
if the key is given as input)
- convKey - is the key to be encrypted. Always contains the key in
clear afterwards.
- makeConvKey - flag telling if a new key should be generated (true)
or the one supplied in convKey should be encrypted.
- commonKey - is the common part of a public key
- pubKey - is the public key to be used
- pubCipher - contains the encryption under public key system
(of a the key in convKey)
- Returns:
- return code (0 if successful)
- See Also:
- generatePubKeyPair, decipher, pkDecipher
pkDecipher
public static int pkDecipher(int pubKeyAlg,
int keyEncMode,
int convAlg,
byte pubCipher[],
byte commonKey[],
byte secKey[],
byte convKey[])
- Decipher an encrypted conventional key using an asymmetric crypto system
- Parameters:
- pubKeyAlg - identifies the asymmetric algorithm to be used
- keyEncMode - specifies the padding of the data key
- convAlg - describes the conventional algorithm corresponding to
the key
- pubCipher - contains the encryption under the public key
indicates that message is the name of a file to be decrypted)
- commonKey - is the common paart of the secret key
- secKey - is the secret key to be used for decryption
- convKey - the key recovered in clear text
- Returns:
- return code (0 if successful)
- See Also:
- pkEncipher
generateSignature
public static int generateSignature(int signatureAlg,
int hashAlg,
byte message[],
int messageLength,
byte commonKey[],
byte secKey[],
byte signature[])
- Sign a string.
A digital signature is applied to the message using a secret signature
key.
- Parameters:
- signatureAlg - identifies the signature algorithm to be used
- hashAlg - identifies the hash algorithm to be used (0
indicates no hashing)
- message - is a byte array containing the message
- messageLength - is the length of the message in bytes (0
indicates that message is the name of a file to be signed)
- commonKey - is the common paart of the secret key
- secKey - is a byte array containing the secret key
- signature - is a byte array containing the digital signature
(if the message is a file and no hash algorithm is chosen, the
signature must be writte to a file)
- Returns:
- an integer encoding possible errors (0 for success)
- See Also:
- verifySignature
verifySignature
public static int verifySignature(int signatureAlg,
int hashAlg,
byte message[],
int messageLength,
byte signature[],
byte commonKey[],
byte pubKey[])
- Verify a signature.
A digital signature on a message is verified using a public signature
key.
- Parameters:
- signatureAlg - identifies the signature algorithm to be used
- hashAlg - identifies the hash algorithm to be used (0
indicates no hashing)
- message - the message on which to verify a signature
- messageLength - is the length of the message in bytes (0
indicates that message is the name of a file)
- signature - is a byte array containing the digital signature
(if the message is a file and no hash algorithm is chosen, the
signature must be a file)
- commonKey - is the common part of the public key
- pubKey - is a byte array containing the secret key
- Returns:
- an integer encoding possible errors
0: signature good
1: all computations succeeded, but signature didn't verify
other values to be defined
- See Also:
- generateSignature
generateMAC
public static int generateMAC(int MACalg,
int convAlg,
byte message[],
int messageLength,
byte MACVal[],
byte key[])
- Generate a MAC.
A message authentication code is generated on a message using a symmetric key.
- Parameters:
- MACalg - identifies the algorithm to be used (this also defines
the possible padding of the mess)
- convAlg - identifies the conventional algorithm to be used (in
case this is needed by the algorithm defined by MACalg)
- message - the message on which to generate a MAC
- messageLength - is the length of the message in bytes (0
indicates that message is the name of a file)
- MACVal - the MAC value
- key - an array of bytes with the conventional key
- Returns:
- an integer encoding possible errors (0 for success)
- See Also:
- verifyMAC
verifyMAC
public static int verifyMAC(int MACalg,
int convAlg,
byte message[],
int messageLength,
byte MAC[],
byte key[])
- Verify a MAC.
A message authentication code is verified using a symmetric key
key.
- Parameters:
- MACalg - identifies the algorithm to be used
- convAlg - identifies the conventional algorithm to be used (in
case this is needed by the algorithm defined by MACalg)
- message - the message on which to verify the MAC
- messageLength - is the length of the message in bytes (0
indicates that message is the name of a file)
- MAC - the MAC to verify
- key - describes the key to be used
- Returns:
- an integer encoding the result of the verification (same encoding
as for signature verification)
- See Also:
- verifySignature, generateMAC
whichAlgs
public static int whichAlgs(int secService,
int algorithms[])
- Gives information of supported algorithms.
The security services are encoded as follows.
0: Conventional krypto system
1: MAC algorithm
2: Public key de/encryption
3: Methods for making signatures
4: Hash functions
- Parameters:
- secService - is an integer describing the security service for
which the algorithms should be used
- algorithms - is an array of integers describing the supported
algorithms (at most 10)
- Returns:
- the number of algorithms supported
All Packages Class Hierarchy This Package Previous Next Index