org.jpos.security.jceadapter

Class JCEHandler

java.lang.Object

org.jpos.security.jceadapter.JCEHandler

public class JCEHandler
extends java.lang.Object

Provides some higher level methods that are needed by the JCE Security Module, yet they are generic and can be used elsewhere.

It depends on the Java^TM Cryptography Extension (JCE).

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
protected static class	JCEHandler.MacEngineKey Class used for indexing MAC algorithms in cache

Constructor Summary

Constructors

Constructor and Description
JCEHandler(java.security.Provider provider) Uses the JCE provider specified
JCEHandler(java.lang.String jceProviderClassName) Registers the JCE provider whose name is providerName and sets it to be the only provider to be used in this instance of the JCEHandler class.

Method Summary

Modifier and Type	Method and Description
byte[]	decryptData(byte[] encryptedData, java.security.Key key) Decrypts data
byte[]	decryptDataCBC(byte[] encryptedData, java.security.Key key, byte[] iv) Decrypts data
java.security.Key	decryptDESKey(short keyLength, byte[] encryptedDESKey, java.security.Key encryptingKey, boolean checkParity) Decrypts an encrypted DES/Triple-DES key
byte[]	encryptData(byte[] data, java.security.Key key) Encrypts data
byte[]	encryptDataCBC(byte[] data, java.security.Key key, byte[] iv) Encrypts data
byte[]	encryptDESKey(short keyLength, java.security.Key clearDESKey, java.security.Key encryptingKey) Encrypts (wraps) a clear DES Key, it also sets odd parity before encryption
protected byte[]	extractDESKeyMaterial(short keyLength, java.security.Key clearDESKey) Extracts the DES/DESede key material
protected java.security.Key	formDESKey(short keyLength, byte[] clearKeyBytes) Forms the clear DES key given its "RAW" encoded bytes Does the inverse of extractDESKeyMaterial
java.security.Key	generateDESKey(short keyLength) Generates a clear DES (DESede) key
byte[]	generateMAC(byte[] data, java.security.Key kd, java.lang.String macAlgorithm) Generates MAC (Message Message Authentication Code) for some data.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

JCEHandler

public JCEHandler(java.lang.String jceProviderClassName)
           throws JCEHandlerException

Registers the JCE provider whose name is providerName and sets it to be the only provider to be used in this instance of the JCEHandler class.

Parameters:

jceProviderClassName - Name of the JCE provider (e.g. "com.sun.crypto.provider.SunJCE" for Sun's implementation, or "org.bouncycastle.jce.provider.BouncyCastleProvider" for bouncycastle.org implementation)

Throws:

JCEHandlerException

JCEHandler

public JCEHandler(java.security.Provider provider)

Uses the JCE provider specified

Parameters:

provider -

Method Detail

generateDESKey

public java.security.Key generateDESKey(short keyLength)
                                 throws JCEHandlerException

Generates a clear DES (DESede) key

Parameters:

keyLength - the bit length (key size) of the generated key (LENGTH_DES, LENGTH_DES3_2KEY or LENGTH_DES3_3KEY)

Returns:

generated clear DES (or DESede) key

Throws:

JCEHandlerException

encryptDESKey

public byte[] encryptDESKey(short keyLength,
                            java.security.Key clearDESKey,
                            java.security.Key encryptingKey)
                     throws JCEHandlerException

Encrypts (wraps) a clear DES Key, it also sets odd parity before encryption

Parameters:

keyLength - bit length (key size) of the clear DES key (LENGTH_DES, LENGTH_DES3_2KEY or LENGTH_DES3_3KEY)

clearDESKey - DES/Triple-DES key whose format is "RAW" (for a DESede with 2 Keys, keyLength = 128 bits, while DESede key with 3 keys keyLength = 192 bits)

encryptingKey - can be a key of any type (RSA, DES, DESede...)

Returns:

encrypted DES key

Throws:

JCEHandlerException

extractDESKeyMaterial

protected byte[] extractDESKeyMaterial(short keyLength,
                                       java.security.Key clearDESKey)
                                throws JCEHandlerException

Extracts the DES/DESede key material

Parameters:

keyLength - bit length (key size) of the DES key. (LENGTH_DES, LENGTH_DES3_2KEY or LENGTH_DES3_3KEY)

clearDESKey - DES/Triple-DES key whose format is "RAW"

Returns:

encoded key material

Throws:

JCEHandlerException

decryptDESKey

public java.security.Key decryptDESKey(short keyLength,
                                       byte[] encryptedDESKey,
                                       java.security.Key encryptingKey,
                                       boolean checkParity)
                                throws JCEHandlerException

Decrypts an encrypted DES/Triple-DES key

Parameters:

keyLength - bit length (key size) of the DES key to be decrypted. (LENGTH_DES, LENGTH_DES3_2KEY or LENGTH_DES3_3KEY)

encryptedDESKey - the byte[] representing the encrypted key

encryptingKey - can be of any algorithm (RSA, DES, DESede...)

checkParity - if true, the parity of the key is checked

Returns:

clear DES (DESede) Key

Throws:

JCEHandlerException - if checkParity==true and the key does not have correct parity

formDESKey

protected java.security.Key formDESKey(short keyLength,
                                       byte[] clearKeyBytes)
                                throws JCEHandlerException

Forms the clear DES key given its "RAW" encoded bytes Does the inverse of extractDESKeyMaterial

Parameters:

keyLength - bit length (key size) of the DES key. (LENGTH_DES, LENGTH_DES3_2KEY or LENGTH_DES3_3KEY)

clearKeyBytes - the RAW DES/Triple-DES key

Returns:

clear key

Throws:

JCEHandlerException

encryptData

public byte[] encryptData(byte[] data,
                          java.security.Key key)
                   throws JCEHandlerException

Encrypts data

Parameters:

data -

key -

Returns:

encrypted data

Throws:

JCEHandlerException

decryptData

public byte[] decryptData(byte[] encryptedData,
                          java.security.Key key)
                   throws JCEHandlerException

Decrypts data

Parameters:

encryptedData -

key -

Returns:

clear data

Throws:

JCEHandlerException

encryptDataCBC

public byte[] encryptDataCBC(byte[] data,
                             java.security.Key key,
                             byte[] iv)
                      throws JCEHandlerException

Encrypts data

Parameters:

data -

key -

iv - 8 bytes initial vector

Returns:

encrypted data

Throws:

JCEHandlerException

decryptDataCBC

public byte[] decryptDataCBC(byte[] encryptedData,
                             java.security.Key key,
                             byte[] iv)
                      throws JCEHandlerException

Decrypts data

Parameters:

encryptedData -

key -

iv - 8 bytes initial vector

Returns:

clear data

Throws:

JCEHandlerException

generateMAC

public byte[] generateMAC(byte[] data,
                          java.security.Key kd,
                          java.lang.String macAlgorithm)
                   throws JCEHandlerException

Generates MAC (Message Message Authentication Code) for some data.

Parameters:

data - the data to be MACed

kd - the key used for MACing

macAlgorithm - MAC algorithm name suitable for Mac.getInstance(java.lang.String)

Returns:

the MAC

Throws:

JCEHandlerException