AbstractPasswordCiphertext (XWiki Platform - Cryptographic Services 3.1-milestone-2 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.xwiki.crypto.passwd.internal
Class AbstractPasswordCiphertext

java.lang.Object
  org.xwiki.crypto.passwd.internal.AbstractPasswordCiphertext

All Implemented Interfaces:: java.io.Serializable, PasswordCiphertext

Direct Known Subclasses:: AESPasswordCiphertext, CAST5PasswordCiphertext

public abstract class AbstractPasswordCiphertext
extends java.lang.Object
implements PasswordCiphertext
extends java.lang.Object
implements PasswordCiphertext

A service allowing users to encrypt and decrypt text using a password.

Note: Subclasses implementing other encryption methods should override getCipher() and optionally getKeyLength() also subclasses should avoid using fields since this class is serialized to produce the ciphertext.

Since:: 2.5M1
Version:: $Id$
See Also:: Serialized Form

Constructor Summary
`AbstractPasswordCiphertext()`

Method Summary
`byte[]`	`decrypt(java.lang.String password)` Get the message (i.e.
`protected org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher`	`getCipher()` Get the the cipher.
`protected int`	`getKeyLength()` Get the size of the cipher key.
`int`	`getRequiredKeySize()` Get the length of the key which should be output by the keyFunction which is to be passed to `PasswordCiphertext.init(byte[], String, KeyDerivationFunction)`.
`void`	`init(byte[] message, java.lang.String password, KeyDerivationFunction initializedKeyFunction)` Initialize this ciphertext with a given message (i.e.
`protected abstract org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher`	`newCipherInstance()` The cipher engine.
`byte[]`	`serialize()` Serialize this ciphertext into a byte array which can later be deserialized and the text decrypted from that.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

AbstractPasswordCiphertext

public AbstractPasswordCiphertext()

Method Detail

init

public void init(byte[] message,
                 java.lang.String password,
                 KeyDerivationFunction initializedKeyFunction)
          throws java.security.GeneralSecurityException

Initialize this ciphertext with a given message (i.e. plaintext), password, and an initialized key derivation function. To get the data back, use PasswordCiphertext.decrypt(String) with the same password.

Specified by:: init in interface PasswordCiphertext

Parameters:: message - the message which will be encrypted.; password - the password used to encrypt the message.; initializedKeyFunction - an initialized KeyDerivationFunction which will return a key of the length given by PasswordCiphertext.getRequiredKeySize().
Throws:: java.security.GeneralSecurityException - if something goes wrong while encrypting.
See Also:: PasswordCiphertext.init(byte[], java.lang.String, org.xwiki.crypto.passwd.KeyDerivationFunction)

decrypt

public byte[] decrypt(java.lang.String password)
               throws java.security.GeneralSecurityException

Get the message (i.e. plaintext) back from this ciphertext. Most of the time the response is null if the password is incorrect, 1 out of 250 times the output is unintelligable garbage which sneaks undetected past the padding scheme.

Specified by:: decrypt in interface PasswordCiphertext

Parameters:: password - the user supplied password.
Returns:: the original message or null if the password was wrong.
Throws:: java.security.GeneralSecurityException - if something goes wrong while decrypting.
See Also:: PasswordCiphertext.decrypt(java.lang.String)

serialize

public byte[] serialize()
                 throws java.io.IOException

Serialize this ciphertext into a byte array which can later be deserialized and the text decrypted from that.

Specified by:: serialize in interface PasswordCiphertext

Returns:: a byte array representing this object.
Throws:: java.io.IOException - if something goes wrong in the serialization framework.
See Also:: PasswordCiphertext.serialize()

getRequiredKeySize

public int getRequiredKeySize()

Get the length of the key which should be output by the keyFunction which is to be passed to PasswordCiphertext.init(byte[], String, KeyDerivationFunction). Users are expected to call this method and pass the result when initializing the key derivation function then pass the initialized key derivation function to PasswordCiphertext.init(byte[], String, KeyDerivationFunction).

Specified by:: getRequiredKeySize in interface PasswordCiphertext

Returns:: the length required for the derived key.
See Also:: PasswordCiphertext.getRequiredKeySize()

getKeyLength

protected int getKeyLength()

Get the size of the cipher key. This does not include the initialization vector as does getRequiredKeySize()

Returns:: the key length in bytes.

getCipher

protected org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher getCipher()

Get the the cipher. If this is the first call after this object was initialized, or if this object was deserialized, then this will call newCipherInstance.

Returns:: the cipher instance.

newCipherInstance

protected abstract org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher newCipherInstance()

The cipher engine. It is very important to wrap the engine with CBC or similar, otherwise large patches of the same data will translate to large patches of the same ciphertext. see: http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation

Returns:: a new instance of the cipher engine to use.