Class AbstractCipherBean

java.lang.Object
org.cryptacular.bean.AbstractCipherBean
All Implemented Interfaces:
CipherBean
Direct Known Subclasses:
AbstractBlockCipherBean

public abstract class AbstractCipherBean extends Object implements CipherBean
Base class for all cipher beans. The base class assumes all ciphertext output will contain a prepended CiphertextHeaderV2 containing metadata that facilitates decryption.
Author:
Middleware Services
  • Constructor Details

    • AbstractCipherBean

      public AbstractCipherBean()
      Creates a new instance.
    • AbstractCipherBean

      public AbstractCipherBean(KeyStore keyStore, String keyAlias, String keyPassword, Nonce nonce)
      Creates a new instance by specifying all properties.
      Parameters:
      keyStore - Key store containing encryption key.
      keyAlias - Name of encryption key entry in key store.
      keyPassword - Password used to decrypt key entry in keystore.
      nonce - Nonce/IV generator.
  • Method Details

    • getKeyStore

      public KeyStore getKeyStore()
      Returns:
      Keystore that contains the SecretKey.
    • setKeyStore

      public void setKeyStore(KeyStore keyStore)
      Sets the keystore containing encryption/decryption key(s). The keystore must contain a SecretKey entry whose alias is given by setKeyAlias(String), which will be used at the encryption key. It may contain additional symmetric keys to support, for example, key rollover where some existing ciphertexts have headers specifying a different key. In general all keys used for outstanding ciphertexts should be contained in the keystore.
      Parameters:
      keyStore - Keystore containing encryption key(s).
    • getKeyAlias

      public String getKeyAlias()
      Returns:
      Alias that specifies the KeyStore entry containing the SecretKey.
    • setKeyAlias

      public void setKeyAlias(String keyAlias)
      Sets the keystore entry alias used to locate the current encryption key.
      Parameters:
      keyAlias - Alias of SecretKey used for encryption.
    • setKeyPassword

      public void setKeyPassword(String keyPassword)
      Sets the password used to access the encryption key.
      Parameters:
      keyPassword - Encryption key password.
    • getNonce

      public Nonce getNonce()
      Returns:
      Nonce/IV generation strategy.
    • setNonce

      public void setNonce(Nonce nonce)
      Sets the nonce/IV generation strategy.
      Parameters:
      nonce - Nonce generator.
    • encrypt

      public byte[] encrypt(byte[] input) throws CryptoException
      Description copied from interface: CipherBean
      Encrypts the input data using a symmetric cipher.
      Specified by:
      encrypt in interface CipherBean
      Parameters:
      input - Plaintext data to encrypt.
      Returns:
      Ciphertext output.
      Throws:
      CryptoException - on underlying cipher data handling errors.
    • encrypt

      public void encrypt(InputStream input, OutputStream output) throws CryptoException, StreamException
      Description copied from interface: CipherBean
      Encrypts the data from the input stream onto the output stream using a symmetric cipher.

      The caller is responsible for providing and managing the streams (e.g. closing them when finished).

      Specified by:
      encrypt in interface CipherBean
      Parameters:
      input - Input stream containing plaintext data to encrypt.
      output - Output stream containing ciphertext produced by cipher in encryption mode.
      Throws:
      CryptoException - on underlying cipher data handling errors.
      StreamException - on stream IO errors.
    • decrypt

      public byte[] decrypt(byte[] input) throws CryptoException, EncodingException
      Description copied from interface: CipherBean
      Decrypts the input data using a block cipher.
      Specified by:
      decrypt in interface CipherBean
      Parameters:
      input - Ciphertext data to encrypt.
      Returns:
      Plaintext output.
      Throws:
      CryptoException - on underlying cipher data handling errors.
      EncodingException
    • decrypt

      public void decrypt(InputStream input, OutputStream output) throws CryptoException, EncodingException, StreamException
      Description copied from interface: CipherBean
      Decrypts the data from the input stream onto the output stream using a symmetric cipher.

      The caller is responsible for providing and managing the streams (e.g. closing them when finished).

      Specified by:
      decrypt in interface CipherBean
      Parameters:
      input - Input stream containing ciphertext data to decrypt.
      output - Output stream containing plaintext produced by cipher in decryption mode.
      Throws:
      CryptoException - on underlying cipher data handling errors.
      StreamException - on stream IO errors.
      EncodingException
    • lookupKey

      protected SecretKey lookupKey(String alias)
      Looks up secret key entry in the keyStore.
      Parameters:
      alias - Name of secret key entry.
      Returns:
      Secret key.
    • process

      protected abstract byte[] process(CiphertextHeader header, boolean mode, byte[] input)
      Processes the given data under the action of the cipher.
      Parameters:
      header - Ciphertext header.
      mode - True for encryption; false for decryption.
      input - Data to process by cipher.
      Returns:
      Ciphertext data under encryption, plaintext data under decryption.
    • process

      protected abstract void process(CiphertextHeader header, boolean mode, InputStream input, OutputStream output)
      Processes the given data under the action of the cipher.
      Parameters:
      header - Ciphertext header.
      mode - True for encryption; false for decryption.
      input - Stream containing input data.
      output - Stream that receives output of cipher.