Package org.cryptacular.bean

Class AbstractCipherBean

java.lang.Object
org.cryptacular.bean.AbstractCipherBean
All Implemented Interfaces:
CipherBean
Direct Known Subclasses:
AbstractBlockCipherBean
public abstract class AbstractCipherBean extends Object implements CipherBean
Base class for all cipher beans. The base class assumes all ciphertext output will contain a prepended CiphertextHeader containing metadata that facilitates decryption.
Author:
Middleware Services

  • Constructor Details

    • AbstractCipherBean

      public AbstractCipherBean(KeyStore keyStore, String keyAlias, String keyPassword, Nonce nonce)
      Creates a new abstract cipher bean. The keystore must contain a SecretKey entry whose alias is given by the supplied alias, which will be used at the encryption key. It may contain additional symmetric keys to support, for example, key rollover where some existing ciphertexts have headers specifying a different key. In general all keys used for outstanding ciphertexts should be contained in the keystore.
      Parameters:
      keyStore - Key store containing encryption key.
      keyAlias - Name of encryption key entry in key store.
      keyPassword - Password used to decrypt key entry in keystore.
      nonce - Nonce/IV generator.

  • Method Details

    • getKeyStore

      public KeyStore getKeyStore()
      Returns:
      Keystore that contains the SecretKey.

    • getKeyAlias

      public String getKeyAlias()
      Returns:
      Alias that specifies the KeyStore entry containing the SecretKey.

    • getNonce

      public Nonce getNonce()
      Returns:
      Nonce/IV generation strategy.

    • encrypt

      public byte[] encrypt(byte[] input) throws CryptoException
      Description copied from interface: CipherBean
      Encrypts the input data using a symmetric cipher.
      Specified by:
      encrypt in interface CipherBean
      Parameters:
      input - Plaintext data to encrypt.
      Returns:
      Ciphertext output.
      Throws:
      CryptoException - on underlying cipher data handling errors.

    • encrypt

      public void encrypt(InputStream input, OutputStream output) throws CryptoException, StreamException
      Description copied from interface: CipherBean
      Encrypts the data from the input stream onto the output stream using a symmetric cipher.

      The caller is responsible for providing and managing the streams (e.g. closing them when finished).

      Specified by:
      encrypt in interface CipherBean
      Parameters:
      input - Input stream containing plaintext data to encrypt.
      output - Output stream containing ciphertext produced by cipher in encryption mode.
      Throws:
      CryptoException - on underlying cipher data handling errors.
      StreamException - on stream IO errors.

    • decrypt

      public byte[] decrypt(byte[] input) throws CryptoException, EncodingException
      Description copied from interface: CipherBean
      Decrypts the input data using a block cipher.
      Specified by:
      decrypt in interface CipherBean
      Parameters:
      input - Ciphertext data to encrypt.
      Returns:
      Plaintext output.
      Throws:
      CryptoException - on underlying cipher data handling errors.
      EncodingException

    • decrypt

      public void decrypt(InputStream input, OutputStream output) throws CryptoException, EncodingException, StreamException
      Description copied from interface: CipherBean
      Decrypts the data from the input stream onto the output stream using a symmetric cipher.

      The caller is responsible for providing and managing the streams (e.g. closing them when finished).

      Specified by:
      decrypt in interface CipherBean
      Parameters:
      input - Input stream containing ciphertext data to decrypt.
      output - Output stream containing plaintext produced by cipher in decryption mode.
      Throws:
      CryptoException - on underlying cipher data handling errors.
      StreamException - on stream IO errors.
      EncodingException

    • lookupKey

      protected SecretKey lookupKey(String alias)
      Looks up secret key entry in the keyStore.
      Parameters:
      alias - Name of secret key entry.
      Returns:
      Secret key.

    • process

      protected abstract byte[] process(CiphertextHeader header, boolean mode, byte[] input)
      Processes the given data under the action of the cipher.
      Parameters:
      header - Ciphertext header.
      mode - True for encryption; false for decryption.
      input - Data to process by cipher.
      Returns:
      Ciphertext data under encryption, plaintext data under decryption.

    • process

      protected abstract void process(CiphertextHeader header, boolean mode, InputStream input, OutputStream output)
      Processes the given data under the action of the cipher.
      Parameters:
      header - Ciphertext header.
      mode - True for encryption; false for decryption.
      input - Stream containing input data.
      output - Stream that receives output of cipher.