Package org.cryptacular.bean
Class AbstractCipherBean
java.lang.Object
org.cryptacular.bean.AbstractCipherBean
- All Implemented Interfaces:
CipherBean
- Direct Known Subclasses:
AbstractBlockCipherBean
Base class for all cipher beans. The base class assumes all ciphertext output will contain a prepended
CiphertextHeaderV2
containing metadata that facilitates decryption.- Author:
- Middleware Services
-
Constructor Summary
ConstructorsConstructorDescriptionCreates a new instance.AbstractCipherBean
(KeyStore keyStore, String keyAlias, String keyPassword, Nonce nonce) Creates a new instance by specifying all properties. -
Method Summary
Modifier and TypeMethodDescriptionbyte[]
decrypt
(byte[] input) Decrypts the input data using a block cipher.void
decrypt
(InputStream input, OutputStream output) Decrypts the data from the input stream onto the output stream using a symmetric cipher.byte[]
encrypt
(byte[] input) Encrypts the input data using a symmetric cipher.void
encrypt
(InputStream input, OutputStream output) Encrypts the data from the input stream onto the output stream using a symmetric cipher.getNonce()
protected SecretKey
Looks up secret key entry in thekeyStore
.protected abstract byte[]
process
(CiphertextHeader header, boolean mode, byte[] input) Processes the given data under the action of the cipher.protected abstract void
process
(CiphertextHeader header, boolean mode, InputStream input, OutputStream output) Processes the given data under the action of the cipher.void
setKeyAlias
(String keyAlias) Sets the keystore entry alias used to locate the current encryption key.void
setKeyPassword
(String keyPassword) Sets the password used to access the encryption key.void
setKeyStore
(KeyStore keyStore) Sets the keystore containing encryption/decryption key(s).void
Sets the nonce/IV generation strategy.
-
Constructor Details
-
AbstractCipherBean
public AbstractCipherBean()Creates a new instance. -
AbstractCipherBean
Creates a new instance by specifying all properties.- Parameters:
keyStore
- Key store containing encryption key.keyAlias
- Name of encryption key entry in key store.keyPassword
- Password used to decrypt key entry in keystore.nonce
- Nonce/IV generator.
-
-
Method Details
-
getKeyStore
- Returns:
- Keystore that contains the
SecretKey
.
-
setKeyStore
Sets the keystore containing encryption/decryption key(s). The keystore must contain aSecretKey
entry whose alias is given bysetKeyAlias(String)
, which will be used at the encryption key. It may contain additional symmetric keys to support, for example, key rollover where some existing ciphertexts have headers specifying a different key. In general all keys used for outstanding ciphertexts should be contained in the keystore.- Parameters:
keyStore
- Keystore containing encryption key(s).
-
getKeyAlias
-
setKeyAlias
Sets the keystore entry alias used to locate the current encryption key.- Parameters:
keyAlias
- Alias ofSecretKey
used for encryption.
-
setKeyPassword
Sets the password used to access the encryption key.- Parameters:
keyPassword
- Encryption key password.
-
getNonce
- Returns:
- Nonce/IV generation strategy.
-
setNonce
Sets the nonce/IV generation strategy.- Parameters:
nonce
- Nonce generator.
-
encrypt
Description copied from interface:CipherBean
Encrypts the input data using a symmetric cipher.- Specified by:
encrypt
in interfaceCipherBean
- Parameters:
input
- Plaintext data to encrypt.- Returns:
- Ciphertext output.
- Throws:
CryptoException
- on underlying cipher data handling errors.
-
encrypt
Description copied from interface:CipherBean
Encrypts the data from the input stream onto the output stream using a symmetric cipher.The caller is responsible for providing and managing the streams (e.g. closing them when finished).
- Specified by:
encrypt
in interfaceCipherBean
- Parameters:
input
- Input stream containing plaintext data to encrypt.output
- Output stream containing ciphertext produced by cipher in encryption mode.- Throws:
CryptoException
- on underlying cipher data handling errors.StreamException
- on stream IO errors.
-
decrypt
Description copied from interface:CipherBean
Decrypts the input data using a block cipher.- Specified by:
decrypt
in interfaceCipherBean
- Parameters:
input
- Ciphertext data to encrypt.- Returns:
- Plaintext output.
- Throws:
CryptoException
- on underlying cipher data handling errors.EncodingException
-
decrypt
public void decrypt(InputStream input, OutputStream output) throws CryptoException, EncodingException, StreamException Description copied from interface:CipherBean
Decrypts the data from the input stream onto the output stream using a symmetric cipher.The caller is responsible for providing and managing the streams (e.g. closing them when finished).
- Specified by:
decrypt
in interfaceCipherBean
- Parameters:
input
- Input stream containing ciphertext data to decrypt.output
- Output stream containing plaintext produced by cipher in decryption mode.- Throws:
CryptoException
- on underlying cipher data handling errors.StreamException
- on stream IO errors.EncodingException
-
lookupKey
Looks up secret key entry in thekeyStore
.- Parameters:
alias
- Name of secret key entry.- Returns:
- Secret key.
-
process
Processes the given data under the action of the cipher.- Parameters:
header
- Ciphertext header.mode
- True for encryption; false for decryption.input
- Data to process by cipher.- Returns:
- Ciphertext data under encryption, plaintext data under decryption.
-
process
protected abstract void process(CiphertextHeader header, boolean mode, InputStream input, OutputStream output) Processes the given data under the action of the cipher.- Parameters:
header
- Ciphertext header.mode
- True for encryption; false for decryption.input
- Stream containing input data.output
- Stream that receives output of cipher.
-