Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
Expresso 5-6
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.jcorporate.expresso.core.security.strongencryption
Class StringEncryption

java.lang.Object
  extended bycom.jcorporate.expresso.core.security.AbstractStringEncryption
      extended bycom.jcorporate.expresso.core.security.strongencryption.StringEncryption
public class StringEncryption
extends AbstractStringEncryption

StringEncryption.java

Copyright 2000, 2001 Jcorporate Ltd.

This class provides basic string encryption. It'll provide the services of password whitening and automatic selection of encryption.

Known Vulnerabilities. The actual whitened password remains in memory for performance sake. An attacker may find the actual password by looking at swap files looking for Base64 encoded strings. (Not too hard to grep out) but it requires an attacker to gain access to the swap partition of the server. Do not use this class for a personal encryption program.


Byte Array Format Information:

An encrypted string has the following format:

Byte 0: File Version Number(whole number only)

Bytes 1-6: 3 character desgination for the encryption mode used. UTF-16 BE

Bytes 7-14/22: The 8/16 byte random input vector to the encrypted system.

Bytes 15+/23++ : The Actual Encrypted Data

Author:
Michael Rimov

Field Summary
protected static ByteArrayCounter ivCounter128
           
protected static ByteArrayCounter ivCounter64
           
 
Constructor Summary
StringEncryption()
          class for encapsulating encryption.
 
Method Summary
 byte[] decrypt(byte[] inputData)
          Same as decryptString, but only deals in byte arrays.
 void destroy()
          Unregisters the cryptographic handler
 byte[] encrypt(byte[] inputData)
          Same as encryptString, but only deals in byte arrays.
 byte[] encrypt(byte[] inputData, String theShortCipherString)
          Encrypts a byte array of data based upon the method desired.
 void init()
           
 
Methods inherited from class com.jcorporate.expresso.core.security.AbstractStringEncryption
decryptString, encryptString, getCryptoManager, getPreparedPassKey, preparePassKey, setCryptoManager
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

ivCounter64

protected static ByteArrayCounter ivCounter64

ivCounter128

protected static ByteArrayCounter ivCounter128
Constructor Detail

StringEncryption

public StringEncryption()
class for encapsulating encryption. constructor will throw if JCE jar is not found; see Ant target 'get-crypto' for easy means to download appropriate crypto library. it is under export restriction, so it cannot be added to the expresso library as publicly distributed

Method Detail

init

public void init()
          throws ChainedException
Overrides:
init in class AbstractStringEncryption
Throws:
ChainedException

destroy

public void destroy()
Unregisters the cryptographic handler

Overrides:
destroy in class AbstractStringEncryption

decrypt

public byte[] decrypt(byte[] inputData)
               throws ChainedException
Same as decryptString, but only deals in byte arrays. This method must be implemented by descendants of this class.

Specified by:
decrypt in class AbstractStringEncryption
Parameters:
inputData - The input data to decrypt
Returns:
the decrypted data byte
Throws:
ChainedException - Upn encryption error

encrypt

public byte[] encrypt(byte[] inputData,
                      String theShortCipherString)
               throws ChainedException
Encrypts a byte array of data based upon the method desired. See the main notes for this class for valid encryptMethod strings.

Note that a similar decrypt is not needed because the encryptMethod is included in the header of the encrypted byte array.

Parameters:
inputData - The data to encrypt
theShortCipherString - The 'short name' of the cipher to use
Returns:
The encrypted byte array
Throws:
ChainedException - Upon error encrypting

encrypt

public byte[] encrypt(byte[] inputData)
               throws ChainedException
Same as encryptString, but only deals in byte arrays. This must be implemented by the descendants of this class.

Specified by:
encrypt in class AbstractStringEncryption
Parameters:
inputData - The data to encrypt
Returns:
The encrypted byte array.
Throws:
ChainedException
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
Expresso 5-6
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Please see www.jcorporate.com for information about new Expresso releases.