Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
Expresso 5-6
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.jcorporate.expresso.core.security.weakencryption
Class StringEncryption

java.lang.Object
  extended bycom.jcorporate.expresso.core.security.AbstractStringEncryption
      extended bycom.jcorporate.expresso.core.security.weakencryption.StringEncryption
public class StringEncryption
extends AbstractStringEncryption

This class provides basic string encryption. It'll provide the services of password whitening and automatic selection of encryption.

Known Vulnerabilities. The actual whitened password remains in memory for performance sake. An attacker may find the actual password by looking at swap files looking for Base64 encoded strings. (Not too hard to grep out) but it requires an attacker to gain access to the swap partition of the server. Do not use this class for a personal encryption program.

Author:
Michael Rimov

Field Summary
protected static ByteArrayCounter ivCounter
           
 
Constructor Summary
StringEncryption()
           
 
Method Summary
 byte[] decrypt(byte[] inputData)
          Same as decryptString, but only deals in byte arrays.
 byte[] encrypt(byte[] inputData)
          Same as encryptString, but only deals in byte arrays.
 
Methods inherited from class com.jcorporate.expresso.core.security.AbstractStringEncryption
decryptString, destroy, encryptString, getCryptoManager, getPreparedPassKey, init, preparePassKey, setCryptoManager
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

ivCounter

protected static ByteArrayCounter ivCounter
Constructor Detail

StringEncryption

public StringEncryption()
                 throws ChainedException
Throws:
ChainedException
Method Detail

decrypt

public byte[] decrypt(byte[] inputData)
               throws ChainedException,
                      IllegalArgumentException
Same as decryptString, but only deals in byte arrays. This method must be implemented by descendants of this class.

Specified by:
decrypt in class AbstractStringEncryption
Parameters:
inputData - A byte aray of data to decrypt
Returns:
Throws:
ChainedException - If there's an error decrypting the data
IllegalArgumentException

encrypt

public byte[] encrypt(byte[] inputData)
               throws ChainedException,
                      IllegalArgumentException
Same as encryptString, but only deals in byte arrays. This must be implemented by the descendants of this class.

Specified by:
encrypt in class AbstractStringEncryption
Parameters:
inputData - A byte array to encrypt
Returns:
Throws:
ChainedException
IllegalArgumentException
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
Expresso 5-6
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Please see www.jcorporate.com for information about new Expresso releases.